add passphrase and key resource close

README.md

@@ -62,13 +62,13 @@ RSA algorithms are asymmetric. A paired key is needed to sign and verify tokens.
 ```php
 use MiladRahimi\Jwt\Cryptography\Algorithms\Rsa\RS256Signer;
 use MiladRahimi\Jwt\Cryptography\Algorithms\Rsa\RS256Verifier;
-use MiladRahimi\Jwt\Cryptography\Keys\PrivateKey;
-use MiladRahimi\Jwt\Cryptography\Keys\PublicKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPrivateKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPublicKey;
 use MiladRahimi\Jwt\Generator;
 use MiladRahimi\Jwt\Parser;
 
-$privateKey = new PrivateKey('/path/to/private.pem');
-$publicKey = new PublicKey('/path/to/public.pem');
+$privateKey = new RsaPrivateKey('/path/to/private.pem');
+$publicKey = new RsaPublicKey('/path/to/public.pem');
 
 $signer = new RS256Signer($privateKey);
 $verifier = new RS256Verifier($publicKey);

src/Cryptography/Algorithms/Rsa/AbstractRsaSigner.php

@@ -2,7 +2,7 @@
 
 namespace MiladRahimi\Jwt\Cryptography\Algorithms\Rsa;
 
-use MiladRahimi\Jwt\Cryptography\Keys\PrivateKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPrivateKey;
 use MiladRahimi\Jwt\Cryptography\Signer;
 use MiladRahimi\Jwt\Exceptions\SigningException;
 
@@ -16,16 +16,16 @@ abstract class AbstractRsaSigner implements Signer
     use Naming;
 
     /**
-     * @var PrivateKey
+     * @var RsaPrivateKey
      */
     protected $privateKey;
 
     /**
      * AbstractRsaSigner constructor.
      *
-     * @param PrivateKey $publicKey
+     * @param RsaPrivateKey $publicKey
      */
-    public function __construct(PrivateKey $publicKey)
+    public function __construct(RsaPrivateKey $publicKey)
     {
         $this->setPrivateKey($publicKey);
     }
@@ -38,24 +38,26 @@ public function sign(string $message): string
         $signature = '';
 
         if (openssl_sign($message, $signature, $this->privateKey->getResource(), $this->algorithm()) === true) {
+            $this->privateKey->close();
+
             return $signature;
         }
 
         throw new SigningException();
     }
 
     /**
-     * @return PrivateKey
+     * @return RsaPrivateKey
      */
-    public function getPrivateKey(): PrivateKey
+    public function getPrivateKey(): RsaPrivateKey
     {
         return $this->privateKey;
     }
 
     /**
-     * @param PrivateKey $privateKey
+     * @param RsaPrivateKey $privateKey
      */
-    public function setPrivateKey(PrivateKey $privateKey)
+    public function setPrivateKey(RsaPrivateKey $privateKey)
     {
         $this->privateKey = $privateKey;
     }

src/Cryptography/Algorithms/Rsa/AbstractRsaVerifier.php

@@ -2,7 +2,7 @@
 
 namespace MiladRahimi\Jwt\Cryptography\Algorithms\Rsa;
 
-use MiladRahimi\Jwt\Cryptography\Keys\PublicKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPublicKey;
 use MiladRahimi\Jwt\Cryptography\Verifier;
 use MiladRahimi\Jwt\Exceptions\InvalidSignatureException;
 
@@ -16,16 +16,16 @@ abstract class AbstractRsaVerifier implements Verifier
     use Naming;
 
     /**
-     * @var PublicKey
+     * @var RsaPublicKey
      */
     protected $publicKey;
 
     /**
      * AbstractRsaVerifier constructor.
      *
-     * @param PublicKey $key
+     * @param RsaPublicKey $key
      */
-    public function __construct(PublicKey $key)
+    public function __construct(RsaPublicKey $key)
     {
         $this->setPublicKey($key);
     }
@@ -38,20 +38,22 @@ public function verify(string $plain, string $signature)
         if (openssl_verify($plain, $signature, $this->publicKey->getResource(), $this->algorithm()) !== 1) {
             throw new InvalidSignatureException();
         }
+
+        $this->publicKey->close();
     }
 
     /**
-     * @return PublicKey
+     * @return RsaPublicKey
      */
-    public function getPublicKey(): PublicKey
+    public function getPublicKey(): RsaPublicKey
     {
         return $this->publicKey;
     }
 
     /**
-     * @param PublicKey $publicKey
+     * @param RsaPublicKey $publicKey
      */
-    public function setPublicKey(PublicKey $publicKey)
+    public function setPublicKey(RsaPublicKey $publicKey)
     {
         $this->publicKey = $publicKey;
     }

src/Cryptography/Keys/PrivateKey.php → src/Cryptography/Keys/RsaPrivateKey.php

@@ -5,11 +5,11 @@
 use MiladRahimi\Jwt\Exceptions\InvalidKeyException;
 
 /**
- * Class PrivateKey
+ * Class RsaPrivateKey
  *
  * @package MiladRahimi\Jwt\Cryptography\Keys
  */
-class PrivateKey
+class RsaPrivateKey
 {
     /**
      * @var resource    Key file resource handler
@@ -19,12 +19,13 @@ class PrivateKey
     /**
      * PrivateKey constructor.
      *
-     * @param string $fileFullPath
+     * @param string $filePath
+     * @param string $passphrase
      * @throws InvalidKeyException
      */
-    public function __construct(string $fileFullPath)
+    public function __construct(string $filePath, $passphrase = '')
     {
-        $this->resource = openssl_pkey_get_private('file:///' . $fileFullPath);
+        $this->resource = openssl_pkey_get_private('file:///' . $filePath, $passphrase);
 
         if (empty($this->resource)) {
             throw new InvalidKeyException();
@@ -38,4 +39,12 @@ public function getResource()
     {
         return $this->resource;
     }
+
+    /**
+     * Close key resource
+     */
+    public function close()
+    {
+        openssl_free_key($this->getResource());
+    }
 }

src/Cryptography/Keys/PublicKey.php → src/Cryptography/Keys/RsaPublicKey.php

@@ -5,11 +5,11 @@
 use MiladRahimi\Jwt\Exceptions\InvalidKeyException;
 
 /**
- * Class PublicKey
+ * Class RsaPublicKey
  *
  * @package MiladRahimi\Jwt\Cryptography\Keys
  */
-class PublicKey
+class RsaPublicKey
 {
     /**
      * @var resource    Key file resource handler
@@ -19,12 +19,12 @@ class PublicKey
     /**
      * PublicKey constructor.
      *
-     * @param string $fileFullPath
+     * @param string $filePath
      * @throws InvalidKeyException
      */
-    public function __construct(string $fileFullPath)
+    public function __construct(string $filePath)
     {
-        $this->resource = openssl_pkey_get_public('file:///' . $fileFullPath);
+        $this->resource = openssl_pkey_get_public('file:///' . $filePath);
 
         if (empty($this->resource)) {
             throw new InvalidKeyException();
@@ -38,4 +38,12 @@ public function getResource()
     {
         return $this->resource;
     }
+
+    /**
+     * Close key resource
+     */
+    public function close()
+    {
+        openssl_free_key($this->getResource());
+    }
 }

tests/Cryptography/Keys/PrivateKeyTest.php

@@ -2,7 +2,7 @@
 
 namespace MiladRahimi\Jwt\Tests\Cryptography\Keys;
 
-use MiladRahimi\Jwt\Cryptography\Keys\PrivateKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPrivateKey;
 use MiladRahimi\Jwt\Exceptions\InvalidKeyException;
 use MiladRahimi\Jwt\Tests\TestCase;
 use Throwable;
@@ -14,7 +14,7 @@ class PrivateKeyTest extends TestCase
      */
     public function test_with_valid_key_it_should_pass()
     {
-        $key = new PrivateKey(__DIR__ . '/../../../resources/test/keys/rsa-private.pem');
+        $key = new RsaPrivateKey(__DIR__ . '/../../../resources/test/keys/rsa-private.pem');
         $this->assertNotNull($key->getResource());
     }
 
@@ -24,6 +24,6 @@ public function test_with_valid_key_it_should_pass()
     public function test_with_invalid_key_it_should_fail()
     {
         $this->expectException(InvalidKeyException::class);
-        new PrivateKey('Invalid Key!');
+        new RsaPrivateKey('Invalid Key!');
     }
 }

tests/Cryptography/Keys/PublicKeyTest.php

@@ -2,7 +2,7 @@
 
 namespace MiladRahimi\Jwt\Tests\Cryptography\Keys;
 
-use MiladRahimi\Jwt\Cryptography\Keys\PublicKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPublicKey;
 use MiladRahimi\Jwt\Exceptions\InvalidKeyException;
 use MiladRahimi\Jwt\Tests\TestCase;
 use Throwable;
@@ -14,7 +14,7 @@ class PublicKeyTest extends TestCase
      */
     public function test_with_valid_key_it_should_pass()
     {
-        $key = new PublicKey(__DIR__ . '/../../../resources/test/keys/rsa-public.pem');
+        $key = new RsaPublicKey(__DIR__ . '/../../../resources/test/keys/rsa-public.pem');
         $this->assertNotNull($key->getResource());
     }
 
@@ -24,6 +24,6 @@ public function test_with_valid_key_it_should_pass()
     public function test_with_invalid_key_it_should_fail()
     {
         $this->expectException(InvalidKeyException::class);
-        new PublicKey('Invalid Key!');
+        new RsaPublicKey('Invalid Key!');
     }
 }

tests/ExamplesTest.php

@@ -5,8 +5,8 @@
 use MiladRahimi\Jwt\Cryptography\Algorithms\Hmac\HS256;
 use MiladRahimi\Jwt\Cryptography\Algorithms\Rsa\RS256Signer;
 use MiladRahimi\Jwt\Cryptography\Algorithms\Rsa\RS256Verifier;
-use MiladRahimi\Jwt\Cryptography\Keys\PrivateKey;
-use MiladRahimi\Jwt\Cryptography\Keys\PublicKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPrivateKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPublicKey;
 use MiladRahimi\Jwt\Generator;
 use MiladRahimi\Jwt\Parser;
 use MiladRahimi\Jwt\Validator\DefaultValidator;
@@ -39,8 +39,8 @@ public function test_simple_example()
      */
     public function test_rsa_algorithms()
     {
-        $privateKey = new PrivateKey(__DIR__ . '/../resources/test/keys/rsa-private.pem');
-        $publicKey = new PublicKey(__DIR__ . '/../resources/test/keys/rsa-public.pem');
+        $privateKey = new RsaPrivateKey(__DIR__ . '/../resources/test/keys/rsa-private.pem');
+        $publicKey = new RsaPublicKey(__DIR__ . '/../resources/test/keys/rsa-public.pem');
 
         $signer = new RS256Signer($privateKey);
         $verifier = new RS256Verifier($publicKey);

tests/TestCase.php

@@ -3,8 +3,8 @@
 namespace MiladRahimi\Jwt\Tests;
 
 use MiladRahimi\Jwt\Cryptography\Algorithms\Hmac\HS256;
-use MiladRahimi\Jwt\Cryptography\Keys\PrivateKey;
-use MiladRahimi\Jwt\Cryptography\Keys\PublicKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPrivateKey;
+use MiladRahimi\Jwt\Cryptography\Keys\RsaPublicKey;
 use MiladRahimi\Jwt\Cryptography\Signer;
 use MiladRahimi\Jwt\Cryptography\Verifier;
 use Throwable;
@@ -17,12 +17,12 @@ abstract class TestCase extends \PHPUnit\Framework\TestCase
     protected $key = '12345678901234567890123456789012';
 
     /**
-     * @var PrivateKey
+     * @var RsaPrivateKey
      */
     protected $privateKey;
 
     /**
-     * @var PublicKey
+     * @var RsaPublicKey
      */
     protected $publicKey;
 
@@ -53,9 +53,9 @@ public function setUp()
     {
         parent::setUp();
 
-        $this->privateKey = new PrivateKey(__DIR__ . '/../resources/test/keys/rsa-private.pem');
+        $this->privateKey = new RsaPrivateKey(__DIR__ . '/../resources/test/keys/rsa-private.pem');
 
-        $this->publicKey = new PublicKey(__DIR__ . '/../resources/test/keys/rsa-public.pem');
+        $this->publicKey = new RsaPublicKey(__DIR__ . '/../resources/test/keys/rsa-public.pem');
 
         $this->signer = $this->verifier = new HS256($this->key);