/**
 * Build a private key object from a PEM container.
 *
 * The PEM type label selects the decoder:
 *  - PEM::TYPE_RSA_PRIVATE_KEY is decoded with RSAPrivateKey::fromDER()
 *  - PEM::TYPE_EC_PRIVATE_KEY is decoded with ECPrivateKey::fromDER()
 *  - PEM::TYPE_PRIVATE_KEY is decoded with PrivateKeyInfo::fromDER() and the
 *    result of its privateKey() is returned
 *
 * Every other type label is rejected. The exception message contains only
 * the type label, never the PEM payload.
 *
 * @param PEM $pem PEM container holding the DER encoded key
 * @throws \UnexpectedValueException If the PEM type is not one of the three
 *         labels listed above
 * @return self
 */
public static function fromPEM(PEM $pem)
{
    switch ($pem->type()) {
        case PEM::TYPE_RSA_PRIVATE_KEY:
            $key = RSAPrivateKey::fromDER($pem->data());
            break;

        case PEM::TYPE_EC_PRIVATE_KEY:
            $key = ECPrivateKey::fromDER($pem->data());
            break;

        case PEM::TYPE_PRIVATE_KEY:
            // Decode the PrivateKeyInfo wrapper, then return the key it carries.
            $key = PrivateKeyInfo::fromDER($pem->data())->privateKey();
            break;

        default:
            // Fail closed: an unrecognised label is never passed to a decoder.
            throw new \UnexpectedValueException(
                "PEM type " . $pem->type() . " is not a valid private key.");
    }

    return $key;
}
/**
 * Convert this JWK to a PEM formatted private key.
 *
 * Reads the eight RSA parameters of the JWK as base-10 numbers, builds an
 * RSAPrivateKey from them, wraps its DER encoding in a PrivateKeyInfo with
 * RSAEncryptionAlgorithmIdentifier and returns that structure's PEM.
 *
 * NOTE(review): no encryption or passphrase step is applied in this method,
 * so the returned PEM presumably carries the private key in the clear.
 * Callers should store and transmit it as secret material.
 *
 * @return PEM PRIVATE KEY
 */
public function toPEM()
{
    // Shared conversion: JWK parameter -> base-10 number.
    $decimal = function ($parameter) {
        return $parameter->number()->base10();
    };

    // Arguments are evaluated left to right, in the order the
    // RSAPrivateKey constructor receives them.
    $rsaKey = new RSAPrivateKey(
        $decimal($this->modulusParameter()),
        $decimal($this->exponentParameter()),
        $decimal($this->privateExponentParameter()),
        $decimal($this->firstPrimeFactorParameter()),
        $decimal($this->secondPrimeFactorParameter()),
        $decimal($this->firstFactorCRTExponentParameter()),
        $decimal($this->secondFactorCRTExponentParameter()),
        $decimal($this->firstCRTCoefficientParameter())
    );

    $algorithm = new RSAEncryptionAlgorithmIdentifier();
    $keyInfo = new PrivateKeyInfo($algorithm, $rsaKey->toDER());

    return $keyInfo->toPEM();
}
/**
 * Decode the private key carried by this structure.
 *
 * The OID of the algorithm identifier selects the decoder. RSA keys are
 * decoded directly from the stored key data. EC keys are decoded the same
 * way; if the decoded key does not encode a named curve, the curve is taken
 * from the algorithm identifier instead.
 *
 * NOTE(review): when the decoded EC key already has a named curve, it is
 * returned as is. The curve named by the algorithm identifier is not
 * compared with it here; confirm whether callers need that consistency
 * check.
 *
 * @throws \UnexpectedValueException If an EC key has no named curve and the
 *         algorithm identifier is not an ECPublicKeyAlgorithmIdentifier
 * @throws \RuntimeException If the algorithm OID is not supported
 * @return PrivateKey
 */
public function privateKey()
{
    $algId = $this->algorithmIdentifier();

    switch ($algId->oid()) {
        // RSA
        case AlgorithmIdentifier::OID_RSA_ENCRYPTION:
            return RSAPrivateKey::fromDER($this->_privateKeyData);

        // elliptic curve
        case AlgorithmIdentifier::OID_EC_PUBLIC_KEY:
            $ecKey = ECPrivateKey::fromDER($this->_privateKeyData);

            // The key names its own curve: nothing to fill in.
            if ($ecKey->hasNamedCurve()) {
                return $ecKey;
            }

            // Otherwise the curve must come from the algorithm parameters,
            // which only an EC algorithm identifier provides.
            if (!($algId instanceof ECPublicKeyAlgorithmIdentifier)) {
                throw new \UnexpectedValueException("Not an EC algorithm.");
            }

            return $ecKey->withNamedCurve($algId->namedCurve());

        default:
            throw new \RuntimeException(
                "Private key " . $algId->oid() . " not supported.");
    }
}