/** * @param \Jose\Algorithm\JWAInterface $algorithm */ public function addAlgorithm(JWAInterface $algorithm) { $name = $algorithm->getAlgorithmName(); if (!array_key_exists($name, $this->algorithms)) { $this->algorithms[$name] = $algorithm; } }
/** * @param \Jose\Algorithm\JWAInterface $key_encryption_algorithm * @param \Jose\Algorithm\ContentEncryption\ContentEncryptionInterface $content_encryption_algorithm * @param \Jose\Object\JWKInterface $key * @param string|null $encrypted_cek * @param array $header * * @return string|null */ private function decryptCEK(JWAInterface $key_encryption_algorithm, ContentEncryptionInterface $content_encryption_algorithm, JWKInterface $key, $encrypted_cek, array $header) { if ($key_encryption_algorithm instanceof DirectEncryptionInterface) { return $key_encryption_algorithm->getCEK($key, $header); } elseif ($key_encryption_algorithm instanceof KeyAgreementInterface) { return $key_encryption_algorithm->getAgreementKey($content_encryption_algorithm->getCEKSize(), $key, null, $header); } elseif ($key_encryption_algorithm instanceof KeyAgreementWrappingInterface) { return $key_encryption_algorithm->unwrapAgreementKey($key, $encrypted_cek, $content_encryption_algorithm->getCEKSize(), $header); } elseif ($key_encryption_algorithm instanceof KeyEncryptionInterface) { return $key_encryption_algorithm->decryptKey($key, $encrypted_cek, $header); } else { throw new \RuntimeException('Unsupported CEK generation'); } }
/** * @param \Jose\Algorithm\JWAInterface $key_encryption_algorithm * @param \Jose\Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm * @param \Jose\Object\JWKInterface $key * @param \Jose\Object\RecipientInterface $recipient * @param array $complete_headers * * @return null|string */ private function decryptCEK(Algorithm\JWAInterface $key_encryption_algorithm, Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm, Object\JWKInterface $key, Object\RecipientInterface $recipient, array $complete_headers) { if ($key_encryption_algorithm instanceof Algorithm\KeyEncryption\DirectEncryptionInterface) { return $key_encryption_algorithm->getCEK($key); } elseif ($key_encryption_algorithm instanceof Algorithm\KeyEncryption\KeyAgreementInterface) { return $key_encryption_algorithm->getAgreementKey($content_encryption_algorithm->getCEKSize(), $content_encryption_algorithm->getAlgorithmName(), $key, $complete_headers); } elseif ($key_encryption_algorithm instanceof Algorithm\KeyEncryption\KeyAgreementWrappingInterface) { return $key_encryption_algorithm->unwrapAgreementKey($key, $recipient->getEncryptedKey(), $content_encryption_algorithm->getCEKSize(), $complete_headers); } elseif ($key_encryption_algorithm instanceof Algorithm\KeyEncryption\KeyEncryptionInterface) { return $key_encryption_algorithm->decryptKey($key, $recipient->getEncryptedKey(), $complete_headers); } elseif ($key_encryption_algorithm instanceof Algorithm\KeyEncryption\KeyWrappingInterface) { return $key_encryption_algorithm->unwrapKey($key, $recipient->getEncryptedKey(), $complete_headers); } else { throw new \InvalidArgumentException('Unsupported CEK generation'); } }