/**
* {@inheritdoc}
*/
public function sign(JWKInterface $key, $input)
{
$this->checkKey($key);
Assertion::true($key->has('d'), 'The key is not a private key');
$priv = new RSAKey($key);
if ($this->getSignatureMethod() === self::SIGNATURE_PSS) {
$signature = JoseRSA::sign($priv, $input, $this->getAlgorithm());
$result = is_string($signature);
} else {
$result = openssl_sign($input, $signature, $priv->toPEM(), $this->getAlgorithm());
}
Assertion::true($result, 'An error occurred during the creation of the signature');
return $signature;
}
/**
* {@inheritdoc}
*/
public function decryptKey(JWKInterface $key, $encrypted_key, array $header)
{
$this->checkKey($key);
Assertion::true($key->has('d'), 'The key is not a private key');
$priv = new RSAKey($key);
if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
$decrypted = JoseRSA::decrypt($priv, $encrypted_key, $this->getHashAlgorithm());
Assertion::string($decrypted, 'Unable to decrypt the data.');
return $decrypted;
} else {
$res = openssl_private_decrypt($encrypted_key, $decrypted, $priv->toPEM(), OPENSSL_PKCS1_PADDING | OPENSSL_RAW_DATA);
Assertion::true($res, 'Unable to decrypt the data.');
return $decrypted;
}
}
