From 19985dbb8c0aa66dc4bf7905abc1148de909097d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anton=20Luka=20=C5=A0ijanec?= <anton@sijanec.eu>
Date: Tue, 11 Jan 2022 12:35:47 +0100
Subject: prvi-commit

---
 .../web-token/jwt-key-mgmt/KeyConverter/ECKey.php  | 273 +++++++++++++++++++++
 .../jwt-key-mgmt/KeyConverter/KeyConverter.php     | 256 +++++++++++++++++++
 .../web-token/jwt-key-mgmt/KeyConverter/RSAKey.php | 244 ++++++++++++++++++
 3 files changed, 773 insertions(+)
 create mode 100644 vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php
 create mode 100644 vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php
 create mode 100644 vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php

(limited to 'vendor/web-token/jwt-key-mgmt/KeyConverter')

diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php
new file mode 100644
index 0000000..4ab0090
--- /dev/null
+++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php
@@ -0,0 +1,273 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+use FG\ASN1\ASNObject;
+use FG\ASN1\ExplicitlyTaggedObject;
+use FG\ASN1\Universal\BitString;
+use FG\ASN1\Universal\Integer;
+use FG\ASN1\Universal\ObjectIdentifier;
+use FG\ASN1\Universal\OctetString;
+use FG\ASN1\Universal\Sequence;
+
+/**
+ * @internal
+ */
+class ECKey
+{
+    /**
+     * @var array
+     */
+    private $values = [];
+
+    /**
+     * ECKey constructor.
+     */
+    private function __construct(array $data)
+    {
+        $this->loadJWK($data);
+    }
+
+    /**
+     * @return ECKey
+     */
+    public static function createFromPEM(string $pem): self
+    {
+        $data = self::loadPEM($pem);
+
+        return new self($data);
+    }
+
+    /**
+     * @throws \Exception
+     */
+    private static function loadPEM(string $data): array
+    {
+        $data = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $data), true);
+        $asnObject = ASNObject::fromBinary($data);
+
+        if (!$asnObject instanceof Sequence) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+        $children = $asnObject->getChildren();
+        if (self::isPKCS8($children)) {
+            $children = self::loadPKCS8($children);
+        }
+
+        if (4 === \count($children)) {
+            return self::loadPrivatePEM($children);
+        }
+        if (2 === \count($children)) {
+            return self::loadPublicPEM($children);
+        }
+
+        throw new \Exception('Unable to load the key.');
+    }
+
+    /**
+     * @param ASNObject[] $children
+     */
+    private static function loadPKCS8(array $children): array
+    {
+        $binary = \hex2bin($children[2]->getContent());
+        $asnObject = ASNObject::fromBinary($binary);
+        if (!$asnObject instanceof Sequence) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        return $asnObject->getChildren();
+    }
+
+    /**
+     * @param ASNObject[] $children
+     */
+    private static function loadPublicPEM(array $children): array
+    {
+        if (!$children[0] instanceof Sequence) {
+            throw new \InvalidArgumentException('Unsupported key type.');
+        }
+
+        $sub = $children[0]->getChildren();
+        if (!$sub[0] instanceof ObjectIdentifier) {
+            throw new \InvalidArgumentException('Unsupported key type.');
+        }
+        if ('1.2.840.10045.2.1' !== $sub[0]->getContent()) {
+            throw new \InvalidArgumentException('Unsupported key type.');
+        }
+        if (!$sub[1] instanceof ObjectIdentifier) {
+            throw new \InvalidArgumentException('Unsupported key type.');
+        }
+        if (!$children[1] instanceof BitString) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        $bits = $children[1]->getContent();
+        $bits_length = \mb_strlen($bits, '8bit');
+        if ('04' !== \mb_substr($bits, 0, 2, '8bit')) {
+            throw new \InvalidArgumentException('Unsupported key type');
+        }
+
+        $values = ['kty' => 'EC'];
+        $values['crv'] = self::getCurve($sub[1]->getContent());
+        $values['x'] = Base64Url::encode(\hex2bin(\mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit')));
+        $values['y'] = Base64Url::encode(\hex2bin(\mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit')));
+
+        return $values;
+    }
+
+    private static function getCurve(string $oid): string
+    {
+        $curves = self::getSupportedCurves();
+        $curve = \array_search($oid, $curves, true);
+        if (!\is_string($curve)) {
+            throw new \InvalidArgumentException('Unsupported OID.');
+        }
+
+        return $curve;
+    }
+
+    private static function getSupportedCurves(): array
+    {
+        return [
+            'P-256' => '1.2.840.10045.3.1.7',
+            'P-384' => '1.3.132.0.34',
+            'P-521' => '1.3.132.0.35',
+        ];
+    }
+
+    private static function verifyVersion(ASNObject $children)
+    {
+        if (!$children instanceof Integer || '1' !== $children->getContent()) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+    }
+
+    private static function getXAndY(ASNObject $children, ?string &$x, ?string &$y)
+    {
+        if (!$children instanceof ExplicitlyTaggedObject || !\is_array($children->getContent())) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+        if (!$children->getContent()[0] instanceof BitString) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        $bits = $children->getContent()[0]->getContent();
+        $bits_length = \mb_strlen($bits, '8bit');
+
+        if ('04' !== \mb_substr($bits, 0, 2, '8bit')) {
+            throw new \InvalidArgumentException('Unsupported key type');
+        }
+
+        $x = \mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit');
+        $y = \mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit');
+    }
+
+    private static function getD(ASNObject $children): string
+    {
+        if (!$children instanceof OctetString) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        return $children->getContent();
+    }
+
+    private static function loadPrivatePEM(array $children): array
+    {
+        self::verifyVersion($children[0]);
+        $x = null;
+        $y = null;
+        $d = self::getD($children[1]);
+        self::getXAndY($children[3], $x, $y);
+
+        if (!$children[2] instanceof ExplicitlyTaggedObject || !\is_array($children[2]->getContent())) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+        if (!$children[2]->getContent()[0] instanceof ObjectIdentifier) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        $curve = $children[2]->getContent()[0]->getContent();
+
+        $values = ['kty' => 'EC'];
+        $values['crv'] = self::getCurve($curve);
+        $values['d'] = Base64Url::encode(\hex2bin($d));
+        $values['x'] = Base64Url::encode(\hex2bin($x));
+        $values['y'] = Base64Url::encode(\hex2bin($y));
+
+        return $values;
+    }
+
+    /**
+     * @param ASNObject[] $children
+     */
+    private static function isPKCS8(array $children): bool
+    {
+        if (3 !== \count($children)) {
+            return false;
+        }
+
+        $classes = [0 => Integer::class, 1 => Sequence::class, 2 => OctetString::class];
+        foreach ($classes as $k => $class) {
+            if (!$children[$k] instanceof $class) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * @param ECKey $private
+     *
+     * @return ECKey
+     */
+    public static function toPublic(self $private): self
+    {
+        $data = $private->toArray();
+        if (\array_key_exists('d', $data)) {
+            unset($data['d']);
+        }
+
+        return new self($data);
+    }
+
+    /**
+     * @return array
+     */
+    public function toArray()
+    {
+        return $this->values;
+    }
+
+    private function loadJWK(array $jwk)
+    {
+        $keys = [
+            'kty' => 'The key parameter "kty" is missing.',
+            'crv' => 'Curve parameter is missing',
+            'x' => 'Point parameters are missing.',
+            'y' => 'Point parameters are missing.',
+        ];
+        foreach ($keys as $k => $v) {
+            if (!\array_key_exists($k, $jwk)) {
+                throw new \InvalidArgumentException($v);
+            }
+        }
+
+        if ('EC' !== $jwk['kty']) {
+            throw new \InvalidArgumentException('JWK is not an Elliptic Curve key.');
+        }
+        $this->values = $jwk;
+    }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php
new file mode 100644
index 0000000..17a5428
--- /dev/null
+++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php
@@ -0,0 +1,256 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+
+/**
+ * @internal
+ */
+class KeyConverter
+{
+    /**
+     * @throws \InvalidArgumentException
+     */
+    public static function loadKeyFromCertificateFile(string $file): array
+    {
+        if (!\file_exists($file)) {
+            throw new \InvalidArgumentException(\sprintf('File "%s" does not exist.', $file));
+        }
+        $content = \file_get_contents($file);
+
+        return self::loadKeyFromCertificate($content);
+    }
+
+    /**
+     * @throws \InvalidArgumentException
+     */
+    public static function loadKeyFromCertificate(string $certificate): array
+    {
+        try {
+            $res = \openssl_x509_read($certificate);
+        } catch (\Exception $e) {
+            $certificate = self::convertDerToPem($certificate);
+            $res = \openssl_x509_read($certificate);
+        }
+        if (false === $res) {
+            throw new \InvalidArgumentException('Unable to load the certificate.');
+        }
+
+        $values = self::loadKeyFromX509Resource($res);
+        \openssl_x509_free($res);
+
+        return $values;
+    }
+
+    /**
+     * @param resource $res
+     *
+     * @throws \Exception
+     */
+    public static function loadKeyFromX509Resource($res): array
+    {
+        $key = \openssl_get_publickey($res);
+
+        $details = \openssl_pkey_get_details($key);
+        if (isset($details['key'])) {
+            $values = self::loadKeyFromPEM($details['key']);
+            \openssl_x509_export($res, $out);
+            $x5c = \preg_replace('#-.*-#', '', $out);
+            $x5c = \preg_replace('~\R~', PHP_EOL, $x5c);
+            $x5c = \trim($x5c);
+            $values['x5c'] = [$x5c];
+
+            $values['x5t'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha1', true));
+            $values['x5t#256'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha256', true));
+
+            return $values;
+        }
+
+        throw new \InvalidArgumentException('Unable to load the certificate');
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public static function loadFromKeyFile(string $file, ?string $password = null): array
+    {
+        $content = \file_get_contents($file);
+
+        return self::loadFromKey($content, $password);
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public static function loadFromKey(string $key, ?string $password = null): array
+    {
+        try {
+            return self::loadKeyFromDER($key, $password);
+        } catch (\Exception $e) {
+            return self::loadKeyFromPEM($key, $password);
+        }
+    }
+
+    /**
+     * @throws \Exception
+     */
+    private static function loadKeyFromDER(string $der, ?string $password = null): array
+    {
+        $pem = self::convertDerToPem($der);
+
+        return self::loadKeyFromPEM($pem, $password);
+    }
+
+    /**
+     * @throws \Exception
+     */
+    private static function loadKeyFromPEM(string $pem, ?string $password = null): array
+    {
+        if (\preg_match('#DEK-Info: (.+),(.+)#', $pem, $matches)) {
+            $pem = self::decodePem($pem, $matches, $password);
+        }
+
+        self::sanitizePEM($pem);
+
+        $res = \openssl_pkey_get_private($pem);
+        if (false === $res) {
+            $res = \openssl_pkey_get_public($pem);
+        }
+        if (false === $res) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        $details = \openssl_pkey_get_details($res);
+        if (!\is_array($details) || !\array_key_exists('type', $details)) {
+            throw new \InvalidArgumentException('Unable to get details of the key');
+        }
+
+        switch ($details['type']) {
+            case OPENSSL_KEYTYPE_EC:
+                $ec_key = ECKey::createFromPEM($pem);
+
+                return $ec_key->toArray();
+            case OPENSSL_KEYTYPE_RSA:
+                 $rsa_key = RSAKey::createFromPEM($pem);
+                $rsa_key->optimize();
+
+                 return $rsa_key->toArray();
+            default:
+                throw new \InvalidArgumentException('Unsupported key type');
+        }
+    }
+
+    /**
+     * This method modifies the PEM to get 64 char lines and fix bug with old OpenSSL versions.
+     */
+    private static function sanitizePEM(string &$pem)
+    {
+        \preg_match_all('#(-.*-)#', $pem, $matches, PREG_PATTERN_ORDER);
+        $ciphertext = \preg_replace('#-.*-|\r|\n| #', '', $pem);
+
+        $pem = $matches[0][0].PHP_EOL;
+        $pem .= \chunk_split($ciphertext, 64, PHP_EOL);
+        $pem .= $matches[0][1].PHP_EOL;
+    }
+
+    /**
+     * Be careful! The certificate chain is loaded, but it is NOT VERIFIED by any mean!
+     * It is mandatory to verify the root CA or intermediate  CA are trusted.
+     * If not done, it may lead to potential security issues.
+     */
+    public static function loadFromX5C(array $x5c): array
+    {
+        $certificate = null;
+        $last_issuer = null;
+        $last_subject = null;
+        foreach ($x5c as $cert) {
+            $current_cert = '-----BEGIN CERTIFICATE-----'.PHP_EOL.\chunk_split($cert,64,PHP_EOL).'-----END CERTIFICATE-----';
+            $x509 = \openssl_x509_read($current_cert);
+            if (false === $x509) {
+                $last_issuer = null;
+                $last_subject = null;
+
+                break;
+            }
+            $parsed = \openssl_x509_parse($x509);
+
+            \openssl_x509_free($x509);
+            if (false === $parsed) {
+                $last_issuer = null;
+                $last_subject = null;
+
+                break;
+            }
+            if (null === $last_subject) {
+                $last_subject = $parsed['subject'];
+                $last_issuer = $parsed['issuer'];
+                $certificate = $current_cert;
+            } else {
+                if (\json_encode($last_issuer) === \json_encode($parsed['subject'])) {
+                    $last_subject = $parsed['subject'];
+                    $last_issuer = $parsed['issuer'];
+                } else {
+                    $last_issuer = null;
+                    $last_subject = null;
+
+                    break;
+                }
+            }
+        }
+
+        return self::loadKeyFromCertificate($certificate);
+    }
+
+    /**
+     * @param string[] $matches
+     */
+    private static function decodePem(string $pem, array $matches, ?string $password = null): string
+    {
+        if (null === $password) {
+            throw new \InvalidArgumentException('Password required for encrypted keys.');
+        }
+
+        $iv = \pack('H*', \trim($matches[2]));
+        $iv_sub = \mb_substr($iv, 0, 8, '8bit');
+        $symkey = \pack('H*', \md5($password.$iv_sub));
+        $symkey .= \pack('H*', \md5($symkey.$password.$iv_sub));
+        $key = \preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $pem);
+        $ciphertext = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $key), true);
+
+        $decoded = \openssl_decrypt($ciphertext, \mb_strtolower($matches[1]), $symkey, OPENSSL_RAW_DATA, $iv);
+        if (!\is_string($decoded)) {
+            throw new \InvalidArgumentException('Incorrect password. Key decryption failed.');
+        }
+
+        $number = \preg_match_all('#-{5}.*-{5}#', $pem, $result);
+        if (2 !== $number) {
+            throw new \InvalidArgumentException('Unable to load the key');
+        }
+
+        $pem = $result[0][0].PHP_EOL;
+        $pem .= \chunk_split(\base64_encode($decoded), 64);
+        $pem .= $result[0][1].PHP_EOL;
+
+        return $pem;
+    }
+
+    private static function convertDerToPem(string $der_data): string
+    {
+        $pem = \chunk_split(\base64_encode($der_data), 64, PHP_EOL);
+        $pem = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$pem.'-----END CERTIFICATE-----'.PHP_EOL;
+
+        return $pem;
+    }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php
new file mode 100644
index 0000000..f76b5d4
--- /dev/null
+++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php
@@ -0,0 +1,244 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\BigInteger;
+
+/**
+ * @internal
+ */
+class RSAKey
+{
+    /**
+     * @var array
+     */
+    private $values = [];
+
+    /**
+     * RSAKey constructor.
+     */
+    private function __construct(array $data)
+    {
+        $this->loadJWK($data);
+    }
+
+    /**
+     * @return RSAKey
+     */
+    public static function createFromKeyDetails(array $details): self
+    {
+        $values = ['kty' => 'RSA'];
+        $keys = [
+            'n' => 'n',
+            'e' => 'e',
+            'd' => 'd',
+            'p' => 'p',
+            'q' => 'q',
+            'dp' => 'dmp1',
+            'dq' => 'dmq1',
+            'qi' => 'iqmp',
+        ];
+        foreach ($details as $key => $value) {
+            if (\in_array($key, $keys, true)) {
+                $value = Base64Url::encode($value);
+                $values[\array_search($key, $keys, true)] = $value;
+            }
+        }
+
+        return new self($values);
+    }
+
+    /**
+     * @return RSAKey
+     */
+    public static function createFromPEM(string $pem): self
+    {
+        $res = \openssl_pkey_get_private($pem);
+        if (false === $res) {
+            $res = \openssl_pkey_get_public($pem);
+        }
+        if (false === $res) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        $details = \openssl_pkey_get_details($res);
+        \openssl_free_key($res);
+        if (!\array_key_exists('rsa', $details)) {
+            throw new \InvalidArgumentException('Unable to load the key.');
+        }
+
+        return self::createFromKeyDetails($details['rsa']);
+    }
+
+    /**
+     * @return RSAKey
+     */
+    public static function createFromJWK(JWK $jwk): self
+    {
+        return new self($jwk->all());
+    }
+
+    public function isPublic(): bool
+    {
+        return !\array_key_exists('d', $this->values);
+    }
+
+    /**
+     * @param RSAKey $private
+     *
+     * @return RSAKey
+     */
+    public static function toPublic(self $private): self
+    {
+        $data = $private->toArray();
+        $keys = ['p', 'd', 'q', 'dp', 'dq', 'qi'];
+        foreach ($keys as $key) {
+            if (\array_key_exists($key, $data)) {
+                unset($data[$key]);
+            }
+        }
+
+        return new self($data);
+    }
+
+    public function toArray(): array
+    {
+        return $this->values;
+    }
+
+    private function loadJWK(array $jwk)
+    {
+        if (!\array_key_exists('kty', $jwk)) {
+            throw new \InvalidArgumentException('The key parameter "kty" is missing.');
+        }
+        if ('RSA' !== $jwk['kty']) {
+            throw new \InvalidArgumentException('The JWK is not a RSA key.');
+        }
+
+        $this->values = $jwk;
+    }
+
+    public function toJwk(): JWK
+    {
+        return new JWK($this->values);
+    }
+
+    /**
+     * This method will try to add Chinese Remainder Theorem (CRT) parameters.
+     * With those primes, the decryption process is really fast.
+     */
+    public function optimize()
+    {
+        if (\array_key_exists('d', $this->values)) {
+            $this->populateCRT();
+        }
+    }
+
+    /**
+     * This method adds Chinese Remainder Theorem (CRT) parameters if primes 'p' and 'q' are available.
+     */
+    private function populateCRT()
+    {
+        if (!\array_key_exists('p', $this->values) && !\array_key_exists('q', $this->values)) {
+            $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d']));
+            $e = BigInteger::createFromBinaryString(Base64Url::decode($this->values['e']));
+            $n = BigInteger::createFromBinaryString(Base64Url::decode($this->values['n']));
+
+            list($p, $q) = $this->findPrimeFactors($d, $e, $n);
+            $this->values['p'] = Base64Url::encode($p->toBytes());
+            $this->values['q'] = Base64Url::encode($q->toBytes());
+        }
+
+        if (\array_key_exists('dp', $this->values) && \array_key_exists('dq', $this->values) && \array_key_exists('qi', $this->values)) {
+            return;
+        }
+
+        $one = BigInteger::createFromDecimal(1);
+        $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d']));
+        $p = BigInteger::createFromBinaryString(Base64Url::decode($this->values['p']));
+        $q = BigInteger::createFromBinaryString(Base64Url::decode($this->values['q']));
+
+        $this->values['dp'] = Base64Url::encode($d->mod($p->subtract($one))->toBytes());
+        $this->values['dq'] = Base64Url::encode($d->mod($q->subtract($one))->toBytes());
+        $this->values['qi'] = Base64Url::encode($q->modInverse($p)->toBytes());
+    }
+
+    /**
+     * @return BigInteger[]
+     */
+    private function findPrimeFactors(BigInteger $d, BigInteger $e, BigInteger $n): array
+    {
+        $zero = BigInteger::createFromDecimal(0);
+        $one = BigInteger::createFromDecimal(1);
+        $two = BigInteger::createFromDecimal(2);
+
+        $k = $d->multiply($e)->subtract($one);
+
+        if ($k->isEven()) {
+            $r = $k;
+            $t = $zero;
+
+            do {
+                $r = $r->divide($two);
+                $t = $t->add($one);
+            } while ($r->isEven());
+
+            $found = false;
+            $y = null;
+
+            for ($i = 1; $i <= 100; ++$i) {
+                $g = BigInteger::random($n->subtract($one));
+                $y = $g->modPow($r, $n);
+
+                if ($y->equals($one) || $y->equals($n->subtract($one))) {
+                    continue;
+                }
+
+                for ($j = $one; $j->lowerThan($t->subtract($one)); $j = $j->add($one)) {
+                    $x = $y->modPow($two, $n);
+
+                    if ($x->equals($one)) {
+                        $found = true;
+
+                        break;
+                    }
+
+                    if ($x->equals($n->subtract($one))) {
+                        continue;
+                    }
+
+                    $y = $x;
+                }
+
+                $x = $y->modPow($two, $n);
+                if ($x->equals($one)) {
+                    $found = true;
+
+                    break;
+                }
+            }
+
+            if (true === $found) {
+                $p = $y->subtract($one)->gcd($n);
+                $q = $n->divide($p);
+
+                return [$p, $q];
+            }
+        }
+
+        throw new \InvalidArgumentException('Unable to find prime factors.');
+    }
+}
-- 
cgit v1.2.3