81 lines
2.0 KiB
PHP
81 lines
2.0 KiB
PHP
<?php
|
|
/**
|
|
* This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
|
|
*
|
|
* @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
|
|
*/
|
|
|
|
namespace Lcobucci\JWT\Signer;
|
|
|
|
use InvalidArgumentException;
|
|
|
|
/**
|
|
* Base class for RSASSA-PKCS1 signers
|
|
*
|
|
* @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
|
|
* @since 2.1.0
|
|
*/
|
|
abstract class Rsa extends BaseSigner
|
|
{
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function createHash($payload, Key $key)
|
|
{
|
|
$key = openssl_get_privatekey($key->getContent(), $key->getPassphrase());
|
|
$this->validateKey($key);
|
|
|
|
$signature = '';
|
|
|
|
if (!openssl_sign($payload, $signature, $key, $this->getAlgorithm())) {
|
|
throw new InvalidArgumentException(
|
|
'There was an error while creating the signature: ' . openssl_error_string()
|
|
);
|
|
}
|
|
|
|
return $signature;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function doVerify($expected, $payload, Key $key)
|
|
{
|
|
$key = openssl_get_publickey($key->getContent());
|
|
$this->validateKey($key);
|
|
|
|
return openssl_verify($payload, $expected, $key, $this->getAlgorithm()) === 1;
|
|
}
|
|
|
|
/**
|
|
* Validates if the given key is a valid RSA public/private key
|
|
*
|
|
* @param resource $key
|
|
*
|
|
* @throws InvalidArgumentException
|
|
*/
|
|
private function validateKey($key)
|
|
{
|
|
if ($key === false) {
|
|
throw new InvalidArgumentException(
|
|
'It was not possible to parse your key, reason: ' . openssl_error_string()
|
|
);
|
|
}
|
|
|
|
$details = openssl_pkey_get_details($key);
|
|
|
|
if (!isset($details['key']) || $details['type'] !== OPENSSL_KEYTYPE_RSA) {
|
|
throw new InvalidArgumentException('This key is not compatible with RSA signatures');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Returns the algorithm name
|
|
*
|
|
* @internal
|
|
*
|
|
* @return string
|
|
*/
|
|
abstract public function getAlgorithm();
|
|
}
|