Rev 1281 | Rev 1283 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 1281 | Rev 1282 | ||
---|---|---|---|
Line 412... | Line 412... | ||
412 | if (OIDplus::getPkiStatus()) { |
412 | if (OIDplus::getPkiStatus()) { |
413 | $pubKey = OIDplus::getSystemPublicKey(); |
413 | $pubKey = OIDplus::getSystemPublicKey(); |
414 | $k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
414 | $k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
415 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
415 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
416 | } else { |
416 | } else { |
417 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT'; |
417 | $key = OIDplus::authUtils()->makeSecret('0be35e52-f4ef-11ed-b67e-3c4a92df8582'); |
418 | $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false); |
418 | $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false); |
419 | $k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here |
419 | $k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here |
420 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
420 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
421 | } |
421 | } |
422 | } |
422 | } |
Line 434... | Line 434... | ||
434 | 434 | ||
435 | if (OIDplus::getPkiStatus()) { |
435 | if (OIDplus::getPkiStatus()) { |
436 | $privKey = OIDplus::getSystemPrivateKey(); |
436 | $privKey = OIDplus::getSystemPrivateKey(); |
437 | return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
437 | return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
438 | } else { |
438 | } else { |
439 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT'; |
439 | $key = OIDplus::authUtils()->makeSecret('0be35e52-f4ef-11ed-b67e-3c4a92df8582'); |
440 | $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false); |
440 | $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false); |
441 | return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here |
441 | return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here |
442 | } |
442 | } |
443 | } |
443 | } |
444 | 444 |