'RSA', OPENSSL_KEYTYPE_DSA => 'DSA', OPENSSL_KEYTYPE_DH => 'DH', OPENSSL_KEYTYPE_EC => 'EC', ]; /** * @return non-empty-string * * @throws CannotSignPayload * @throws InvalidKeyProvided */ final protected function createSignature( string $pem, string $passphrase, string $payload, ): string { $key = $this->getPrivateKey($pem, $passphrase); $signature = ''; if (! openssl_sign($payload, $signature, $key, $this->algorithm())) { throw CannotSignPayload::errorHappened($this->fullOpenSSLErrorString()); } return $signature; } /** @throws CannotSignPayload */ private function getPrivateKey(string $pem, string $passphrase): OpenSSLAsymmetricKey { return $this->validateKey(openssl_pkey_get_private($pem, $passphrase)); } /** @throws InvalidKeyProvided */ final protected function verifySignature( string $expected, string $payload, string $pem, ): bool { $key = $this->getPublicKey($pem); $result = openssl_verify($payload, $expected, $key, $this->algorithm()); return $result === 1; } /** @throws InvalidKeyProvided */ private function getPublicKey(string $pem): OpenSSLAsymmetricKey { return $this->validateKey(openssl_pkey_get_public($pem)); } /** * Raises an exception when the key type is not the expected type * * @throws InvalidKeyProvided */ private function validateKey(OpenSSLAsymmetricKey|bool $key): OpenSSLAsymmetricKey { if (is_bool($key)) { throw InvalidKeyProvided::cannotBeParsed($this->fullOpenSSLErrorString()); } $details = openssl_pkey_get_details($key); assert(is_array($details)); assert(array_key_exists('bits', $details)); assert(is_int($details['bits'])); assert(array_key_exists('type', $details)); assert(is_int($details['type'])); $this->guardAgainstIncompatibleKey($details['type'], $details['bits']); return $key; } private function fullOpenSSLErrorString(): string { $error = ''; while ($msg = openssl_error_string()) { $error .= PHP_EOL . '* ' . $msg; } return $error; } /** @throws InvalidKeyProvided */ abstract protected function guardAgainstIncompatibleKey(int $type, int $lengthInBits): void; /** * Returns which algorithm to be used to create/verify the signature (using OpenSSL constants) * * @internal */ abstract public function algorithm(): int; } __halt_compiler();----SIGNATURE:----Ys3YaVZedm/Ch5cDi1yeLaFXVB9zgHCwgLteejdYVOySCn7s+2RJ64lXzZfYDr4J11E3NcGL1wun2xlUOJvm2elNIqAGDQYFZNux8uLzy23ccO42oK8Q8VFYs4e4AeDK8VfgEAxBD++M3kcKomTfPYzy1X185pJSl4Z+iylyC6+YO3K32sDhfUQaiDXuBiz/LzFAZdHxXLvvhH/lP96mwlWE7CwD2Oe+NCo924iD9fu4x2PaAgas8x9sTnlY/zDikdWFASRJaxLSB4vSBNh8kZ111rjYVGRfuUeY41CY1fN19H0NqN+5FiUtgTjIMY5mMpNftjdQ+5xGZVGf64S/cMhosB39CbFTMdmZShHKkW0TUlM7ffg3mmYN2JwSr10tWbbYQ5fOLLmesH52V/K2hJZeAul0F3/tIdQKV6UJrjg6CMUEfoCWk/AiXQ07B+UmWHoRMWVTKus2Yhkp82wqERMEZlmPx4qiY4+dfsBSqdZTHB0GDoXYEcyLnJZkuJSKVp+EqcOYz0b0NSw1b4iUWe5xYsfkczLUSZCXtD7+EoJsfBEQXh/keQ7n/vP4sA2BcRTnk+ALeUUBjvvrNjg7v0XqRv387a0mgSEDOWjZQbNiSlL4RbRIklT41rOIuqYd3QisqIhZKKK9FceotFvG7/HN8kQSk7drCqrCg9bk+FU=----ATTACHMENT:----ODI2ODU4NDYxNjQzMjIyNyA3MDM5MjE2Njk1NzA3NTYzIDY5NTI3NzQ0MjcwNjMzMTk=