public function getAgreementKey($encryption_key_length, $algorithm, JWKInterface $recipient_key, array $complete_header = [], array &$additional_header_values = [])
{
if ($recipient_key->has('d')) {
$this->checkKey($recipient_key, true);
$private_key = $recipient_key;
$public_key = $this->getPublicKey($complete_header);
} else {
$this->checkKey($recipient_key, false);
$public_key = $recipient_key;
switch ($public_key->get('crv')) {
case 'P-256':
case 'P-384':
case 'P-521':
$private_key = JWKFactory::createECKey(['crv' => $public_key->get('crv')]);
break;
case 'X25519':
$private_key = JWKFactory::createOKPKey(['crv' => 'X25519']);
break;
default:
throw new \InvalidArgumentException(sprintf('The curve "%s" is not supported', $public_key->get('crv')));
}
$epk = $private_key->toPublic()->getAll();
$additional_header_values = array_merge($additional_header_values, ['epk' => $epk]);
}
Assertion::eq($private_key->get('crv'), $public_key->get('crv'), 'Curves are different');
$agreed_key = $this->calculateAgreementKey($private_key, $public_key);
$apu = array_key_exists('apu', $complete_header) ? $complete_header['apu'] : '';
$apv = array_key_exists('apv', $complete_header) ? $complete_header['apv'] : '';
return ConcatKDF::generate($agreed_key, $algorithm, $encryption_key_length, $apu, $apv);
}
