phpseclib may now be 2.0 or 3.0 version

alshabalin · alshabalin · commit db454a8a852c · 2021-07-14T17:27:20.000+08:00
diff --git a/composer.json b/composer.json
@@ -17,7 +17,7 @@
         "google/protobuf": "~3.15.8",
         "grpc/grpc": "^1.35",
         "lcobucci/jwt": "^3.4",
-        "phpseclib/phpseclib": "^3.0",
+        "phpseclib/phpseclib": "^2.0|^3.0",
         "psr/log": "~1.0"
     },
     "autoload": {
diff --git a/src/Jwt/Signer/Sha256.php b/src/Jwt/Signer/Sha256.php
@@ -5,6 +5,7 @@
 use Lcobucci\JWT\Signer\Key as SignerKey;
 use Lcobucci\JWT\Signer\Rsa as SignerRsa;
 
+use phpseclib\Crypt\RSA as LegacyRSA;
 use phpseclib3\Crypt\RSA;
 use phpseclib3\Crypt\PublicKeyLoader;
 
@@ -17,13 +18,25 @@ class Sha256 extends SignerRsa
      */
     public function createHash($payload, SignerKey $key)
     {
-        $private = PublicKeyLoader::load($key->getContent());
-
-        $signature = $private
-            ->withPadding(RSA::SIGNATURE_PSS)
-            ->sign($payload);
-
-        return $signature;
+        $keyContent = $key->getContent();
+
+        if (class_exists(LegacyRSA::class))
+        {
+            $rsa = new LegacyRSA;
+            $rsa->loadKey($keyContent);
+            $rsa->setHash('sha256');
+            $rsa->setMGFHash('sha256');
+            $rsa->setSignatureMode(LegacyRSA::SIGNATURE_PSS);
+
+            return $rsa->sign($payload);
+        }
+        else
+        {
+            $rsa = PublicKeyLoader::load($keyContent);
+            $rsa->withPadding(RSA::SIGNATURE_PSS);
+
+            return $rsa->sign($payload);
+        }
     }
 
     /**
