Exemplo n.º 1
0
 /**
  * Sign with RSASS-PSS + MGF1+SHA256
  * 
  * @param string $message
  * @param PrivateKey $rsaPrivateKey
  * @return string
  */
 public static function sign($message, PrivateKey $rsaPrivateKey)
 {
     static $rsa = null;
     if (!$rsa) {
         $rsa = new RSA();
         $rsa->setSignatureMode(RSA::SIGNATURE_PSS);
         $rsa->setMGFHash('sha256');
     }
     $rsa->loadKey($rsaPrivateKey->getKey());
     return $rsa->sign($message);
 }
Exemplo n.º 2
0
 /**
  * Creates the signature data
  *
  * @param array $hashes
  * @param X509 $certificate
  * @param RSA $privateKey
  * @return string
  */
 private function createSignatureData(array $hashes, X509 $certificate, RSA $privateKey)
 {
     ksort($hashes);
     $privateKey->setSignatureMode(RSA::SIGNATURE_PSS);
     $privateKey->setMGFHash('sha512');
     $signature = $privateKey->sign(json_encode($hashes));
     return ['hashes' => $hashes, 'signature' => base64_encode($signature), 'certificate' => $certificate->saveX509($certificate->currentCert)];
 }
Exemplo n.º 3
0
 /**
  * Static method for quick calls to calculate a signature.
  * @link https://developer.walmartapis.com/#authentication
  * @param string $consumerId
  * @param string $privateKey
  * @param string $requestUrl
  * @param string $requestMethod
  * @param string|null $timestamp
  * @return string
  * @throws \Exception
  */
 public static function calculateSignature($consumerId, $privateKey, $requestUrl, $requestMethod, $timestamp = null)
 {
     if (is_null($timestamp) || !is_numeric($timestamp)) {
         $timestamp = self::getMilliseconds();
     }
     /**
      * Append values into string for signing
      */
     $message = $consumerId . "\n" . $requestUrl . "\n" . strtoupper($requestMethod) . "\n" . $timestamp . "\n";
     /**
      * Get RSA object for signing
      */
     $rsa = new RSA();
     $decodedPrivateKey = base64_decode($privateKey);
     $rsa->setPrivateKeyFormat(RSA::PRIVATE_FORMAT_PKCS8);
     $rsa->setPublicKeyFormat(RSA::PRIVATE_FORMAT_PKCS8);
     /**
      * Load private key
      */
     if ($rsa->loadKey($decodedPrivateKey, RSA::PRIVATE_FORMAT_PKCS8)) {
         /**
          * Make sure we use SHA256 for signing
          */
         $rsa->setHash('sha256');
         $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1);
         $signed = $rsa->sign($message);
         /**
          * Return Base64 Encode generated signature
          */
         return base64_encode($signed);
     } else {
         throw new \Exception("Unable to load private key", 1446780146);
     }
 }