Made KID optional

Fixed private key loading

Fixed publicKeyFingerprint generation

Author: rossphelan

src/Developer/Encryption/JWE/JweHeader.php

@@ -14,7 +14,7 @@ public function __construct($alg, $enc, $kid, $cty)
         $this->alg = $alg;
         $this->enc = $enc;
         $this->kid = $kid;
-        $this->cty = $cty;
+        if(!is_null($cty)) $this->cty = $cty;
     }
 
     public function toJSON()
@@ -34,11 +34,12 @@ public static function parseJweHeader($encodedHeader)
 
         $headerObj = json_decode(base64_decode($encodedHeader), true);
 
+        var_dump($headerObj);
+
         $alg = $headerObj["alg"];
         $enc = $headerObj["enc"];
         $kid = $headerObj["kid"];
-        $cty = $headerObj["cty"];
-
+        $cty = (isset($headerObj["cty"])) ? $headerObj["cty"] : null;
         return new JweHeader($alg, $enc, $kid, $cty);
     }
 

src/Developer/Encryption/JweConfigBuilder.php

@@ -2,6 +2,9 @@
 
 namespace Mastercard\Developer\Encryption;
 
+use Mastercard\Developer\Utils\EncodingUtils;
+use phpseclib3\Crypt\Hash;
+
 class JweConfigBuilder extends EncryptionConfigBuilder {
 
     /**
@@ -20,9 +23,8 @@ public static function aJweEncryptionConfig() {
      */
     public function build() {
         $this->checkParameterValues();
-        $this->computeEncryptionKeyFingerprintWhenNeeded();
+        $this->computeEncryptionKeyFingerprint($this->encryptionCertificate);
         $this->checkJsonPathParameterValues();
-
         $config = new JweConfig();
         $config->setEncryptionCertificate($this->encryptionCertificate);
         $config->setEncryptionKeyFingerprint($this->encryptionKeyFingerprint);
@@ -52,7 +54,7 @@ public function withDecryptionKey($decryptionKey) {
         $this->decryptionKey = $decryptionKey;
         return $this;
     }
-
+    
     /**
      * @param string $jsonPathIn
      * @param string $jsonPathOut
@@ -90,4 +92,20 @@ private function checkParameterValues() {
             throw new \InvalidArgumentException("You must include at least an encryption certificate or a decryption key");
         }
     }
+
+    /**
+     * @param mixed $encryptionCertificate
+     * @throws EncryptionException
+     */
+    private function computeEncryptionKeyFingerprint($encryptionCertificate) {
+        try {
+            $publicKeyPem = openssl_pkey_get_details(openssl_pkey_get_public($encryptionCertificate->getBytes()))['key'];
+            $publicKeyDer = EncodingUtils::pemToDer($publicKeyPem, '-----BEGIN PUBLIC KEY-----', '-----END PUBLIC KEY-----');
+            $hash = new Hash('sha256');
+            $this->encryptionKeyFingerprint = EncodingUtils::encodeBytes($hash->hash($publicKeyDer), FieldValueEncoding::HEX);
+        } catch (\Exception $e) {
+            throw new EncryptionException('Failed to compute encryption key fingerprint!', $e);
+        }
+    }
+
 }

src/Developer/Keys/DecryptionKey.php

@@ -39,7 +39,7 @@ public static function load($keyPath, $alias = null, $password = null){
             $pkcs12_read_results = [];
 
             if(openssl_pkcs12_read(file_get_contents($keyPath), $pkcs12_read_results, $password)) {
-                openssl_pkey_export($pkcs12_read_results['pkey'], $ret->mContents, $password);
+                $ret->mContents = $pkcs12_read_results['pkey'];
             }else{
                 $ret->mContents = file_get_contents($keyPath); 
             }