/**
 * Round-trip test: a JWE produced with the public key set must decrypt back
 * to the same plaintext with the matching private key set.
 *
 * The header selects RSA1_5 (RSAES-PKCS1-v1_5) for key management and
 * A128CBC-HS256 for content encryption. RSA1_5 is exercised here for
 * coverage; new deployments generally prefer RSA-OAEP.
 */
public function testEncrypt() {
    $headers = array('alg' => 'RSA1_5', 'enc' => 'A128CBC-HS256');
    $message = 'Live long and prosper.';

    // Encrypt to the recipient's public keys.
    $encryptor = new JWE($headers, $message);
    $compact = $encryptor->encrypt($this->getPublicKeySet());

    // The third argument names the algorithm the caller expects; presumably
    // decrypt() rejects a token whose header says otherwise -- confirm
    // against JWE::decrypt.
    $decrypted = JWE::decrypt($compact, $this->getPrivateKeySet(), 'RSA1_5');

    $this->assertEquals($message, $decrypted->getPlaintext());
}
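/**
 * Returns a key set as a JSON web key set.
 *
 * If `$password` is null, an unencrypted JSON structure is returned.
 *
 * If `$password` is not null, a JWE is created using PBES2 key encryption.
 *
 * Only a literal null selects the unencrypted form. A value that PHP's loose
 * comparison treats as equal to null (such as an empty string) is rejected
 * rather than silently exporting the key set in the clear.
 *
 * @param string|null $password the password, or null to export without
 * encryption
 * @return string the key set
 * @throws \InvalidArgumentException if `$password` is not null but is empty
 */
function toJWKS($password = null) {
    $result = array_map(function ($key) {
        return $key->getKeyData();
    }, $this->keys);
    $json = json_encode(array('keys' => $result));

    if ($password === null) {
        return $json;
    }

    // Fail closed: the previous `$password == null` test also matched '',
    // 0 and false, so a caller that asked for encryption with an empty
    // password received plaintext key material instead.
    if ($password == null) {
        throw new \InvalidArgumentException('Password must not be empty; pass null to export without encryption');
    }

    // 'bin' presumably marks the secret as raw bytes -- confirm against
    // KeySet::createFromSecret.
    $keys = KeySet::createFromSecret($password, 'bin');

    // No PBES2 salt or iteration count is set here; presumably the library
    // supplies them. The protection is only as strong as the password.
    $headers = array(
        'alg' => 'PBES2-HS256+A128KW',
        'enc' => 'A128CBC-HS256',
        'cty' => 'jwk-set+json'
    );
    $jwe = new JWE($headers, $json);

    return $jwe->encrypt($keys);
}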
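/**
 * Builds the JOSE response.  This will return one of the following:
 *
 * - A JSON encoded string, if {@link $signed_response_alg} and
 *   {@link $encrypted_response_alg} are both null
 * - A signed JWT (JWS), if {@link $signed_response_alg} is set
 * - A JWE containing a nested JWT, if both {@link $signed_response_alg}
 *   and {@link $encrypted_response_alg} are set
 *
 * The branch is selected by the value of getType(): 'json' returns plain
 * JSON, 'jwt' stops after signing, and any other value continues on to
 * encryption.
 *
 * @param SimpleJWT\Keys\KeySet|null $set the key set used to sign and/or
 * encrypt the token.  If set to null, the default set of keys
 * configured for the client and the server are loaded
 * @return string|null the response body, or null if signing or encryption
 * fails with a CryptException
 */
function buildJOSE($set = null) {
    $rand = new Random();
    $typ = $this->getType();

    if ($typ == 'json') {
        return json_encode($this->container);
    }

    if ($set == null) {
        // Fixed: the builder was given an undefined local `$client`. The
        // client this response is built for is held in $this->client, which
        // is also used for the `aud` claim below.
        $builder = new KeySetBuilder($this->client);
        $set = $builder->addClientSecret()
            ->addClientPublicKeys()
            ->addServerPrivateKeys()
            ->toKeySet();
    }

    $headers = array_merge($this->headers, array('alg' => $this->signed_response_alg));
    $claims = array_merge($this->container, array(
        'iss' => $this->issuer,
        'aud' => $this->client->getStoreID(),
        'jti' => $rand->id()
    ));

    $jwt = new JWT($headers, $claims);

    // NOTE(review): a CryptException is reduced to a null return with no
    // logging in this method. Callers have to treat null as a hard failure;
    // confirm that none of them sends an empty body on this path.
    try {
        $token = $jwt->encode($set);
    } catch (CryptException $e) {
        return null;
    }

    if ($typ == 'jwt') {
        return $token;
    }

    // Sign-then-encrypt: the compact JWS becomes the JWE payload, and
    // cty 'JWT' marks the content as a nested JWT.
    $headers = array(
        'alg' => $this->encrypted_response_alg,
        'enc' => $this->encrypted_response_enc,
        'cty' => 'JWT'
    );
    $jwe = new JWE($headers, $token);

    try {
        return $jwe->encrypt($set);
    } catch (CryptException $e) {
        return null;
    }
}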
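/**
 * Returns a key as a JSON web key.
 *
 * If `$password` is null or if the key is a public key, an unencrypted JSON
 * structure is returned.
 *
 * If `$password` is not null and the key is a private key, a JWE is created
 * using PBES2 key encryption.
 *
 * Only a literal null selects the unencrypted form for a private key. A
 * value that PHP's loose comparison treats as equal to null (such as an
 * empty string) is rejected rather than silently exporting the private key
 * in the clear.
 *
 * @param string|null $password the password, or null to export without
 * encryption
 * @return string the key
 * @throws \InvalidArgumentException if the key is private and `$password`
 * is not null but is empty
 */
public function toJWK($password = null) {
    $json = json_encode($this->data);

    // Public keys are always exported as plain JSON, whatever the password.
    if ($this->isPublic() || $password === null) {
        return $json;
    }

    // Fail closed: the previous `$password == null` test also matched '',
    // 0 and false, so a caller that asked for encryption with an empty
    // password received the private key as plaintext instead.
    if ($password == null) {
        throw new \InvalidArgumentException('Password must not be empty; pass null to export without encryption');
    }

    // 'bin' presumably marks the secret as raw bytes -- confirm against
    // KeySet::createFromSecret.
    $keys = KeySet::createFromSecret($password, 'bin');

    // No PBES2 salt or iteration count is set here; presumably the library
    // supplies them. The protection is only as strong as the password.
    $headers = array(
        'alg' => 'PBES2-HS256+A128KW',
        'enc' => 'A128CBC-HS256',
        'cty' => 'jwk+json'
    );
    $jwe = new JWE($headers, $json);

    return $jwe->encrypt($keys);
}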