/** * {@inheritdoc} */ public function getAgreementKey($encryption_key_length, $algorithm, JWKInterface $recipient_key, array $complete_header = [], array &$additional_header_values = []) { if ($recipient_key->has('d')) { $this->checkKey($recipient_key, true); $private_key = $recipient_key; $public_key = $this->getPublicKey($complete_header); } else { $this->checkKey($recipient_key, false); $public_key = $recipient_key; switch ($public_key->get('crv')) { case 'P-256': case 'P-384': case 'P-521': $private_key = JWKFactory::createECKey(['crv' => $public_key->get('crv')]); break; case 'X25519': $private_key = JWKFactory::createOKPKey(['crv' => 'X25519']); break; default: throw new \InvalidArgumentException(sprintf('The curve "%s" is not supported', $public_key->get('crv'))); } $epk = $private_key->toPublic()->getAll(); $additional_header_values = array_merge($additional_header_values, ['epk' => $epk]); } Assertion::eq($private_key->get('crv'), $public_key->get('crv'), 'Curves are different'); $agreed_key = $this->calculateAgreementKey($private_key, $public_key); $apu = array_key_exists('apu', $complete_header) ? $complete_header['apu'] : ''; $apv = array_key_exists('apv', $complete_header) ? $complete_header['apv'] : ''; return ConcatKDF::generate($agreed_key, $algorithm, $encryption_key_length, $apu, $apv); }
/** * {@inheritdoc} */ public function getAgreementKey($encryption_key_length, JWKInterface $private_key, JWKInterface $public_key = null, array $complete_header = [], array &$additional_header_values = []) { $this->checkKey($private_key, true); if (null === $public_key) { $public_key = $this->getPublicKey($complete_header); } else { $this->checkKey($public_key, false); $additional_header_values = array_merge($additional_header_values, ['epk' => ['kty' => $private_key->get('kty'), 'crv' => $private_key->get('crv'), 'x' => $private_key->get('x'), 'y' => $private_key->get('y')]]); } if ($private_key->get('crv') !== $public_key->get('crv')) { throw new \InvalidArgumentException('Curves are different'); } $agreed_key = $this->calculateAgreementKey($private_key, $public_key); $apu = array_key_exists('apu', $complete_header) ? $complete_header['apu'] : ''; $apv = array_key_exists('apv', $complete_header) ? $complete_header['apv'] : ''; return ConcatKDF::generate($this->convertDecToBin($agreed_key), $complete_header['enc'], $encryption_key_length, $apu, $apv); }