/**
* Get the public key of the basic support document of the identity provider
*
* @param optional string $name The basename of the certificate or null for default
* @param optional string $dir The directory to the certificate or null for default
* @return object An instance of the basic support document containing the public key or null
*/
static function readAndParseCert($name = null, $dir = null)
{
$p = Secrets::getPathPublicKey($name, $dir);
$cert = null;
// may throw
$cert = @file_get_contents($p);
if (!$cert) {
return null;
}
try {
// parse it
// it should be a JSON structure with alg and serialized key
// {alg: <ALG>, value: <SERIALIZED_KEY>}
$payloadSegment = WebToken::parse($cert)->getPayloadSegment();
return json_decode(Utils::base64url_decode($payloadSegment), true);
} catch (Exception $e) {
return null;
}
}
<?php
// Comment the following line out to test the script!
die;
error_reporting(0);
require_once "../lib/browserid.php";
$name = $_REQUEST["name"];
$keysize = (int) $_REQUEST["keysize"];
echo "Usage: createKeys.php?name=<name>&keysize=<keysize>\r\n";
echo "Allowed keysizes: 64, 128, 256!\r\n";
// Generate keypair:
echo "Generate key pair with keysize {$keysize}...\r\n";
$pair = RSAKeyPair::generate($keysize);
echo "Keys were generated!\r\n";
// Write secret key to file:
echo "Write Secret Key...\r\n";
$pathSecretKey = Secrets::getPathSecretKey($name);
$handle = fopen($pathSecretKey, "w+");
fwrite($handle, $pair->getSecretKey()->serialize());
fclose($handle);
echo "Secret Key was written to " . $pathSecretKey . "\r\n";
// Write public key to file:
echo "Write Public Key...\r\n";
$pathPublicKey = Secrets::getPathPublicKey($name);
$public = array("public-key" => json_decode($pair->getPublicKey()->serialize(), true));
$token = new WebToken($public);
$handle = fopen($pathPublicKey, "w+");
fwrite($handle, $token->serialize($pair->getSecretKey()));
fclose($handle);
echo "Public Key was written to " . $pathPublicKey . "\r\n";
?>
</pre>
