Rogierw\Letsencrypt\Support\JsonWebSignature::generate()

Complexity

Conditions	1
Paths	1

Size

Total Lines	27
Code Lines	18

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

<?php
    public static function generate(array $payload, string $url, string $nonce, string $accountKeysPath): array
    {
        $privateKey = openssl_pkey_get_private(file_get_contents($accountKeysPath . 'private.pem'));
        $details = openssl_pkey_get_details($privateKey);

It seems like $privateKey can also be of type false; however, parameter $key of openssl_pkey_get_details() does only seem to accept resource, maybe add an additional type check?

        $protected = [
            'alg' => 'RS256',
            'jwk' => [
                'kty' => 'RSA',
                'n'   => Base64::UrlSafeEncode($details['rsa']['n']),
                'e'   => Base64::UrlSafeEncode($details['rsa']['e']),
            ],
            'nonce' => $nonce,
            'url'   => $url,
        ];

        $payload64 = Base64::urlSafeEncode(str_replace('\\/', '/', json_encode($payload)));
        $protected64 = Base64::urlSafeEncode(json_encode($protected));

        openssl_sign($protected64 . '.' . $payload64, $signed, $privateKey, 'SHA256');

'SHA256' of type string is incompatible with the type integer expected by parameter $signature_alg of openssl_sign().

        $signed64 = Base64::urlSafeEncode($signed);

        return [
            'protected' => $protected64,
            'payload'   => $payload64,
            'signature' => $signed64,
        ];