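/**
 * Builds an RSA JWK from a map of JWK parameters.
 *
 * With an empty map only the key type is set. Otherwise every name listed in
 * RSAKeysParameters::$public_key_params must be present as a key of $headers, and
 * the public key is built from the modulus and exponent. If the private exponent is
 * also present the JWK is marked as including private material and a private key is
 * built: with the full CRT parameter set when the first prime factor is supplied,
 * otherwise from modulus and private exponent only.
 *
 * @param array $headers JWK parameters keyed by parameter name
 * @throws RSAJWKMissingPrivateKeyParamException
 * @throws RSAJWKMissingPublicKeyParamException
 */
protected function __construct($headers = array())
{
    $this->set[JSONWebKeyParameters::KeyType] = new StringOrURI(JSONWebKeyTypes::RSA);
    parent::__construct($headers);

    if (count($headers) === 0) {
        return;
    }

    foreach (RSAKeysParameters::$public_key_params as $p) {
        if (!array_key_exists($p, $headers)) {
            throw new RSAJWKMissingPublicKeyParamException();
        }
        $this->set[$p] = new Base64urlUInt($headers[$p]);
    }

    $this->visibility = JSONWebKeyVisibility::PublicOnly;

    // calculate public key
    $this->public_key = RSAFacade::getInstance()->buildPublicKey(
        $this[RSAKeysParameters::Modulus]->toBigInt(),
        $this[RSAKeysParameters::Exponent]->toBigInt()
    );

    // Parameter names are the KEYS of $headers. The previous in_array() test searched
    // the VALUES, so a supplied private exponent was not reliably detected, and a
    // header whose value happened to compare equal to the parameter name could push a
    // public key down the private-key path.
    if (!array_key_exists(RSAKeysParameters::PrivateExponent, $headers)) {
        return;
    }

    // it is a private key
    $this->visibility = JSONWebKeyVisibility::IncludePrivate;
    // NOTE(review): written through array access, unlike the other parameters which go
    // straight into $this->set; left as in the original, confirm this is intended.
    $this[RSAKeysParameters::PrivateExponent] = new Base64urlUInt($headers[RSAKeysParameters::PrivateExponent]);

    if (!array_key_exists(RSAKeysParameters::FirstPrimeFactor, $headers)) {
        // NOTE(review): any other CRT parameters supplied without the first prime
        // factor are ignored here and the key is built from modulus and private
        // exponent alone. RFC 7518 section 6.3.2 expects the optional private
        // parameters to be all present or all absent; consider rejecting partial sets.
        $this->private_key = RSAFacade::getInstance()->buildMinimalPrivateKey(
            $this[RSAKeysParameters::Modulus]->toBigInt(),
            $this[RSAKeysParameters::PrivateExponent]->toBigInt()
        );
        return;
    }

    // it has one of the optional private params, so it must have all of them
    foreach (RSAKeysParameters::$producers_private_key_params as $p) {
        if (!array_key_exists($p, $headers)) {
            throw new RSAJWKMissingPrivateKeyParamException();
        }
        $this->set[$p] = new Base64urlUInt($headers[$p]);
    }

    $this->private_key = RSAFacade::getInstance()->buildPrivateKey(
        $this[RSAKeysParameters::Modulus]->toBigInt(),
        $this[RSAKeysParameters::Exponent]->toBigInt(),
        $this[RSAKeysParameters::PrivateExponent]->toBigInt(),
        $this[RSAKeysParameters::FirstPrimeFactor]->toBigInt(),
        $this[RSAKeysParameters::SecondPrimeFactor]->toBigInt(),
        $this[RSAKeysParameters::FirstFactorCRTExponent]->toBigInt(),
        $this[RSAKeysParameters::SecondFactorCRTExponent]->toBigInt(),
        $this[RSAKeysParameters::FirstCRTCoefficient]->toBigInt()
    );
}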
/**
 * Creates an RSA JWK as described by the given specification.
 *
 * The algorithm named by the spec is looked up among the signature/MAC algorithms
 * first and the key management algorithms second, and its key type must be RSA.
 * The concrete spec class then selects the key source: a PEM private key, public
 * modulus/exponent parameters, a PEM public key, or, for every other spec, a newly
 * generated key pair.
 *
 * @param IJWKSpecification $spec
 * @return IJWK
 * @throws \InvalidArgumentException
 * @throws InvalidJWKAlgorithm when the algorithm is unknown or its key type is not RSA
 * @throws InvalidJWKType not thrown directly by this method; NOTE(review): confirm a callee raises it
 */
public static function build(IJWKSpecification $spec)
{
    // The parameter type already excludes null; this guard is kept as a defensive check.
    if ($spec === null) {
        throw new \InvalidArgumentException('missing spec param');
    }

    $algorithm = DigitalSignatures_MACs_Registry::getInstance()->get($spec->getAlg());
    if ($algorithm === null) {
        $algorithm = KeyManagementAlgorithms_Registry::getInstance()->get($spec->getAlg());
    }
    if ($algorithm === null) {
        throw new InvalidJWKAlgorithm(sprintf('alg %s not supported!', $spec->getAlg()));
    }
    if (JSONWebKeyTypes::RSA !== $algorithm->getKeyType()) {
        throw new InvalidJWKAlgorithm(sprintf('key type %s not supported!', $algorithm->getKeyType()));
    }

    $from_public_params = false;

    if ($spec instanceof RSAJWKPEMPrivateKeySpecification) {
        // The resulting JWK carries private key material; the public half is derived
        // from the private key's own modulus and public exponent.
        $priv = RSAFacade::getInstance()->buildPrivateKeyFromPEM($spec->getPEM(), $spec->getPrivateKeyPassword());
        $pub = RSAFacade::getInstance()->buildPublicKey($priv->getModulus(), $priv->getPublicExponent());
        $jwk = RSAJWK::fromKeys(new KeyPair($pub, $priv));
    } elseif ($spec instanceof RSAJWKParamsPublicKeySpecification) {
        $from_public_params = true;
        $jwk = RSAJWK::fromPublicKey(
            RSAFacade::getInstance()->buildPublicKey($spec->getModulus()->toBigInt(), $spec->getExponent()->toBigInt())
        );
    } elseif ($spec instanceof RSAJWKPEMPublicKeySpecification) {
        $jwk = RSAJWK::fromPublicKey(RSAFacade::getInstance()->buildPublicKeyFromPEM($spec->getPEM()));
    } else {
        // Default: any spec class not matched above gets a fresh key pair whose size
        // is the algorithm's minimum key length.
        $jwk = RSAJWK::fromKeys(RSAFacade::getInstance()->buildKeyPair($algorithm->getMinKeyLen()));
    }

    $jwk->setAlgorithm($spec->getAlg());
    $jwk->setKeyUse($spec->getUse());

    // Only the modulus/exponent spec supplies a key id and certificate chain; the
    // PEM and generated paths leave both unset.
    if ($from_public_params) {
        $jwk->setId($spec->getKeyId());
        $jwk->setX509CertificateChain($spec->getX509CertificateChain());
    }

    return $jwk;
}
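/**
 * Smoke test: the RSA facade returns a key pair when asked for size 2048.
 */
public function testRSAFacade()
{
    $keys = RSAFacade::getInstance()->buildKeyPair(2048);

    // assertNotNull states the intent directly and gives a clearer failure message
    // than assertTrue(!is_null(...)).
    $this->assertNotNull($keys);
}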