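/**
 * Loads a set of keys into the key set.  The set of keys is encoded
 * in JSON Web Key Set (JWKS) format.
 *
 * When a password is given, $jwk is first passed to JWE::decrypt() with a
 * key set created from the password, and the resulting plaintext is parsed
 * as the JWKS document.
 *
 * @param string $jwk the JSON web key set to load
 * @param string|null $password the password, if the key set is password protected
 * @param string $alg the algorithm, if the key set is password protected
 * @throws KeyException if the key set cannot be decrypted, if the input is
 * not a JSON object with a `keys` array, or if there is an error in reading
 * a key
 */
function load($jwk, $password = null, $alg = 'PBES2-HS256+A128KW') {
    // Loose comparison kept on purpose: both null and the empty string mean
    // "not password protected" and skip decryption.
    if ($password != null) {
        $keys = KeySet::createFromSecret($password, 'bin');
        try {
            $jwe = JWE::decrypt($jwk, $keys, $alg);
            $jwk = $jwe->getPlaintext();
        } catch (CryptException $e) {
            throw new KeyException('Cannot decrypt key set', 0, $e);
        }
    }

    // json_decode() returns null on malformed input.  Reject anything that is
    // not an object carrying a "keys" array instead of iterating over null,
    // which would only emit a warning and leave the caller with an empty set.
    $data = json_decode($jwk, true);
    if (!is_array($data) || !isset($data['keys']) || !is_array($data['keys'])) {
        throw new KeyException('Invalid key set: expected a JSON object with a "keys" array');
    }

    // NOTE(review): if KeyFactory::create() can return null for an
    // unrecognised key, that null is stored as-is; confirm callers cope.
    foreach ($data['keys'] as $key_data) {
        $this->keys[] = KeyFactory::create($key_data, 'php');
    }
}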
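/**
 * Adds the key stored in the `key_file` argument to the key set stored in
 * the `jwks_file` argument, then writes the key set back to `jwks_file`.
 *
 * If `jwks_file` does not exist, a new key set is started only when the
 * `create` option is set.  The `id`, `use` and `ops` options, when given,
 * are applied to the key before it is added.
 *
 * @param InputInterface $input the command input
 * @param OutputInterface $output the command output
 * @return int 0 on success, 1 if a file is missing or cannot be read or
 * written, 2 if the key cannot be parsed or added to the set
 */
public function execute(InputInterface $input, OutputInterface $output) {
    parent::execute($input, $output);

    $key_file = $input->getArgument('key_file');
    if (!file_exists($key_file)) {
        $output->writeln('File not found: ' . $key_file);
        return 1;
    }

    $jwks_file = $input->getArgument('jwks_file');
    if (file_exists($jwks_file)) {
        // file_exists() is also true for directories and unreadable files,
        // so the read itself has to be checked.
        $jwks_data = file_get_contents($jwks_file);
        if ($jwks_data === false) {
            $output->writeln('Cannot read file: ' . $jwks_file);
            return 1;
        }
        $set = $this->loadKeySet($jwks_data);
    } elseif ($input->getOption('create')) {
        $set = new KeySet();
    } else {
        $output->writeln('File not found: ' . $jwks_file);
        return 1;
    }

    $key_data = file_get_contents($key_file);
    if ($key_data === false) {
        $output->writeln('Cannot read file: ' . $key_file);
        return 1;
    }

    try {
        $key = KeyFactory::create($key_data, $input->getOption('format'));
    } catch (KeyException $e) {
        $output->writeln($e->getMessage());
        return 2;
    }

    if ($key == null) {
        $output->writeln('Key format or type not recognised');
        return 2;
    }

    if ($input->getOption('id')) {
        $key->setKeyId($input->getOption('id'));
    }
    if ($input->getOption('use')) {
        $key->setUse($input->getOption('use'));
    }
    if ($input->getOption('ops')) {
        $key->setOperations($input->getOption('ops'));
    }

    try {
        $set->add($key);
    } catch (KeyException $e) {
        $output->writeln($e->getMessage());
        return 2;
    }

    // Report success only once the key set is actually on disk; a failed
    // write used to be silent and still printed "Added key".
    // NOTE(review): the file is created with the process's default
    // permissions and is overwritten in place.  If the set can contain
    // private or symmetric keys, consider restricting the file mode and
    // writing via a temporary file; confirm what saveKeySet() emits.
    if (file_put_contents($jwks_file, $this->saveKeySet($set)) === false) {
        $output->writeln('Cannot write file: ' . $jwks_file);
        return 1;
    }

    $output->writeln('Added key: ' . $key->getKeyId());
    return 0;
}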