1<?php 2/* 3 * Copyright 2019 Google LLC 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18namespace Google\Auth; 19 20use phpseclib\Crypt\RSA; 21 22/** 23 * Sign a string using a Service Account private key. 24 */ 25trait ServiceAccountSignerTrait 26{ 27 /** 28 * Sign a string using the service account private key. 29 * 30 * @param string $stringToSign 31 * @param bool $forceOpenssl Whether to use OpenSSL regardless of 32 * whether phpseclib is installed. **Defaults to** `false`. 33 * @return string 34 */ 35 public function signBlob($stringToSign, $forceOpenssl = false) 36 { 37 $privateKey = $this->auth->getSigningKey(); 38 39 $signedString = ''; 40 if (class_exists('\\phpseclib\\Crypt\\RSA') && !$forceOpenssl) { 41 $rsa = new RSA(); 42 $rsa->loadKey($privateKey); 43 $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1); 44 $rsa->setHash('sha256'); 45 46 $signedString = $rsa->sign($stringToSign); 47 } elseif (extension_loaded('openssl')) { 48 openssl_sign($stringToSign, $signedString, $privateKey, 'sha256WithRSAEncryption'); 49 } else { 50 // @codeCoverageIgnoreStart 51 throw new \RuntimeException('OpenSSL is not installed.'); 52 } 53 // @codeCoverageIgnoreEnd 54 55 return base64_encode($signedString); 56 } 57} 58