require __DIR__ . '/../../vendor/autoload.php';
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Encryption\Algorithm\ContentEncryption\A256CBCHS512;
use Jose\Component\Encryption\Algorithm\KeyEncryption\RSAOAEP256;
use Jose\Component\Encryption\Compression\CompressionMethodManager;
use Jose\Component\Encryption\Compression\Deflate;
use Jose\Component\Encryption\JWEBuilder;
use Jose\Component\Encryption\Serializer\CompactSerializer;
use Jose\Component\KeyManagement\JWKFactory;
use Jose\Component\Encryption\JWEDecrypter;
class Multiplereceipient_1 extends CI_Controller {
private $private_key1;
private $private_key2;
private $public_key1;
private $public_key2;
public function __construct() {
$this->private_key1 = "";
$this->private_key2 = "";
$this->public_key1 = "";
$this->public_key2 = "";
}
public function index() {
$payload = json_encode([
'iat' => time(),
'nbf' => time(),
'exp' => time() + 3600,
'iss' => 'My service',
'aud' => 'Your application',
]);
$serializedJwe=$this->encrypt($payload);
}
public function encrypt($payload) {
// Create the algorithm manager
$keyEncryptionAlgorithmManager = new AlgorithmManager([
new RSAOAEP256()
]);
$contentEncryptionAlgorithmManager = new AlgorithmManager([
new A256CBCHS512(),
]);
// Create the compression method manager
$compressionMethodManager = new CompressionMethodManager([
new Deflate(),
]);
// Create the JWE builder
$jweBuilder = new JWEBuilder(
$keyEncryptionAlgorithmManager,
$contentEncryptionAlgorithmManager,
$compressionMethodManager
);
// Create the recipients' public keys
$this->private_key1 = JWKFactory::createRSAKey(
2048,
[
'alg' => 'RSA-OAEP-256',
'use' => 'enc'
]);
$this->private_key2 = JWKFactory::createRSAKey(
2048,
[
'alg' => 'RSA-OAEP-256',
'use' => 'enc'
]);
$this->public_key1 = $this->private_key1->toPublic();
$this->public_key2 = $this->private_key2->toPublic();
$publicKeys = [
'recipient1' => $this->public_key1,
'recipient2' => $this->public_key2,
];
// Build the JWE for multiple recipients
$jwe = $jweBuilder
->create()
->withPayload($payload)
->withSharedProtectedHeader([
'alg' => 'RSA-OAEP-256',
'enc' => 'A256CBC-HS512',
'zip' => 'DEF'
])
->addRecipient($publicKeys['recipient1'])
->addRecipient($publicKeys['recipient2'])
->build();
// Serialize the JWE to a compact format
$serializer = new CompactSerializer();
$serializedJwe = $serializer->serialize($jwe);
echo "<pre>";
echo $serializedJwe;
$this->decrypt($serializedJwe,$this->private_key1);
$this->decrypt($serializedJwe,$this->private_key2);
}
public function decrypt($serializedJwe,$privateKey) {
echo "<br>";echo '======';
// Load the JWE from its serialized for
$serializer = new CompactSerializer();
$jwe = $serializer->unserialize($serializedJwe);
// Create the algorithm manager
$keyEncryptionAlgorithmManager = new AlgorithmManager([
new RSAOAEP256()
]);
$contentEncryptionAlgorithmManager = new AlgorithmManager([
new A256CBCHS512(),
]);
// Create the compression method manager
$compressionMethodManager = new CompressionMethodManager([
new Deflate(),
]);
// decrypt the JWE
$decryptedPayload = null;
//$recipientKey = $privateKeys[$recipient->getHeader('kid')];
$decrypter = new JWEDecrypter(
$keyEncryptionAlgorithmManager,
$contentEncryptionAlgorithmManager,
$compressionMethodManager
);
if ($decrypter->decryptUsingKey($jwe, $privateKey, 0)) {
echo "<br>";
$decryptedPayload = $jwe->getPayload();
echo "<pre>";
echo $decryptedPayload;
echo "----";
}
}
}
i am using jwt frame for jwt . using the jwe single recipients i don't face any issue. But facing problem in multiple recipients. suppose i have 2 Recipients so in i need to decrypt 2 times with the private_key and private_key2 and gives me the encrypted data. but i got the result first times encrypted but the second time(private_key2) do't get and response.
Can some provide the multiple recipients in php ?
