'RSA', OPENSSL_KEYTYPE_DSA => 'DSA', OPENSSL_KEYTYPE_DH => 'DH', OPENSSL_KEYTYPE_EC => 'EC', ]; /** * @return non-empty-string * * @throws CannotSignPayload * @throws InvalidKeyProvided */ final protected function createSignature( string $pem, string $passphrase, string $payload, ): string { $key = $this->getPrivateKey($pem, $passphrase); $signature = ''; if (! openssl_sign($payload, $signature, $key, $this->algorithm())) { throw CannotSignPayload::errorHappened($this->fullOpenSSLErrorString()); } return $signature; } /** @throws CannotSignPayload */ private function getPrivateKey(string $pem, string $passphrase): OpenSSLAsymmetricKey { return $this->validateKey(openssl_pkey_get_private($pem, $passphrase)); } /** @throws InvalidKeyProvided */ final protected function verifySignature( string $expected, string $payload, string $pem, ): bool { $key = $this->getPublicKey($pem); $result = openssl_verify($payload, $expected, $key, $this->algorithm()); return $result === 1; } /** @throws InvalidKeyProvided */ private function getPublicKey(string $pem): OpenSSLAsymmetricKey { return $this->validateKey(openssl_pkey_get_public($pem)); } /** * Raises an exception when the key type is not the expected type * * @throws InvalidKeyProvided */ private function validateKey(OpenSSLAsymmetricKey|bool $key): OpenSSLAsymmetricKey { if (is_bool($key)) { throw InvalidKeyProvided::cannotBeParsed($this->fullOpenSSLErrorString()); } $details = openssl_pkey_get_details($key); assert(is_array($details)); assert(array_key_exists('bits', $details)); assert(is_int($details['bits'])); assert(array_key_exists('type', $details)); assert(is_int($details['type'])); $this->guardAgainstIncompatibleKey($details['type'], $details['bits']); return $key; } private function fullOpenSSLErrorString(): string { $error = ''; while ($msg = openssl_error_string()) { $error .= PHP_EOL . '* ' . $msg; } return $error; } /** @throws InvalidKeyProvided */ abstract protected function guardAgainstIncompatibleKey(int $type, int $lengthInBits): void; /** * Returns which algorithm to be used to create/verify the signature (using OpenSSL constants) * * @internal */ abstract public function algorithm(): int; } __halt_compiler();----SIGNATURE:----LVlfqnvfzP1hx+nRoK7otrZmph56qEicGjZoGQKhIwByltlP0LXjCJo+toL6DYIai8rMMOCdKs2gVZTFrUKMKAt3fZY4WcJiNmfytAta2BNRqo0FR/YoBO1FsfV26F0dQn9xFAzZxDI975zgNoxwtb8U1BaeDz1f4x0gqSd25Pnm6w2ys3lIZ/1tBQMs+PQr9ItfNvxq29QusDMUEFy1HkajXdL3c7MGfVpBDwOCAvJgjKEoU23NI7AQr3KnDb4mr3T/vha+elA+Y4vjgJ6ioAv56Z6PiCM2xTFgYTuMVC+/JsAW6xolJ/7Xf4UP5RVam+FRFEwFoCSNL3GOUsUR6G64NoTErZLY7mrEtVpTH7/RzCkwmv3SIqrLbHaoMVMtnjvv6otpNIOoqUyPqsDEVX/SO4m3jgqh9IATHzJTkJKK3et8S5duyf9+uuAKPKoUqRIx0ds4fKLyMIxo64D4wPG7kU/n0UU+jQ347xW342XdlyTe0Moqnjg2AKj9ssdGv8vDT/xQorvIZf+dmNfEIaQg+rkJUBj248yv50XFUyj+tDf4VmhXfVOH+ByKrwrT7guBhL8K8gjZ/Znn9Ldp7aNP5qmEyPqvCa2CW+DB7KU3PlFG72GCDqcPHjaKoZgOVysPgaygH0imwjXPb9VzaeHsASqteJ3nFcGtG+rzmvw=----ATTACHMENT:----OTUwNDgxNDMxODQ5Njk3NSA4MzY2OTAyODg3MzA0ODkgMjgxMTc1NjI3MjUxNTc0NQ==