PHP
Eternal97, 2021-07-23 11:56:46

Why can't OpensslPkcs7 read the private key when logging in through the ESIA of the State Services?

I'm trying to authorize on the site through the ESIA. To do this, I use the gost_php Docker container, in which the https://github.com/ekapusta/oauth2-esia package is installed. The client sent its certificate and private key as 6 files (header.key, masks.key, masks2.key, name.key, primary.key, primary2.key). Using the script https://github.com/garex/nodejs-gost-crypto, I converted the private key from the 6 files into a single PEM file.
[screenshot of the terminal output: Vei1b.png]
Then I copied the key from the terminal into the private.key file (not only the key body itself, but also the BEGIN and END header lines). Then I mounted the certificate and the key into the certs folder of the gost_php container.

A script that generates a URI for accessing the public services API.

<?php
use Ekapusta\OAuth2Esia\Provider\EsiaProvider;
use Ekapusta\OAuth2Esia\Security\JWTSigner\OpenSslCliJwtSigner;
use Ekapusta\OAuth2Esia\Security\Signer\OpensslPkcs7;

require "vendor/autoload.php";
require "envReader.php";
header('Content-Type: application/json');

// $_SESSION is written below, so the session has to be started first;
// otherwise the state is never persisted for the callback request.
session_start();

loadEnv();
$file = fopen(getcwd().'/esia.log', 'a+');
fwrite($file, "start.php\n");

// Paths to the client certificate and the converted PEM private key.
// A relative KEY_PATH is resolved against getcwd() of this script.
$certPath = getenv('CERT_PATH');
$privateKeyPath = getenv('KEY_PATH');

// All three values come straight from the query string of the calling (Laravel) app.
$clientId = $_GET['client_id'];
$redirectUri = $_GET['redirect_uri'];
$remoteUrl = $_GET['remote_url'];

$provider = new EsiaProvider(
    [
        'clientId'      => $clientId,
        'redirectUri'   => $redirectUri,
        'defaultScopes' => ['birthdate', 'gender', 'email', 'mobile'],
        'remoteUrl' => $remoteUrl,
        'remotePublicKey' => EsiaProvider::RESOURCES.'esia.test.public.key',
        'remoteCertificatePath' => EsiaProvider::RESOURCES.'esia.gost.prod.public.key',
    ],
    [
        // Signs the client_secret with our certificate and private key via PHP's openssl extension.
        'signer' => new OpensslPkcs7($certPath, $privateKeyPath, getenv('KEY_PASS')),
        // Verifies ESIA's JWT with the openssl CLI binary in the container.
        'remoteSigner' => new OpenSslCliJwtSigner('/usr/bin/openssl'),
    ]
);
try {
    $link = $provider->getAuthorizationUrl();
    fwrite($file, $link."\n");
    $_SESSION['oauth2.esia.state'] = $provider->getState();
    fwrite($file, $_SESSION['oauth2.esia.state']."\n");

    $result = [
        'link' => $link,
        'state' => $provider->getState(),
    ];
    $result = json_encode($result);
} catch(\Exception $e) {
    // The "Can not read private key ..." message below arrives through this branch.
    fwrite($file, $e->getMessage()."\n");
    fwrite($file, $e->getTraceAsString()."\n");
    $result = [
        'error' => $e->getMessage()
    ];
    $result = json_encode($result);
} finally {
    fclose($file);
    echo $result;
}
return;


I am calling this script from my Laravel application via Guzzle:

public function buildAuthLink()
{
    $client = new Client();
    $response = $client->get($this->getLinkUrl, [
        'query' => [
            'client_id' => $this->appId,
            'redirect_uri' => $this->redirectUri,
            'remote_url' => $this->remoteUrl,
        ]
    ]);
    $body = json_decode($response->getBody(), true);
    dd($body);
    $link = $body['link'];
    $this->state = $body['state'];
    return $link;
}


But when I try to dump the response body returned via Guzzle, I get an exception:
array:1 [
  "error" => "Can not read private key ./certs/private.key"
]


Why can't the package read the private key?
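The following diagnostic is an added example, not part of the question above and not code from ekapusta/oauth2-esia. As far as I recall, the library produces the "Can not read private key" message when openssl_pkey_get_private() returns false, so the file may well be readable: the usual culprits are a relative KEY_PATH resolved against a different working directory, the file being owned by root while PHP runs as www-data, a pasted PEM with CRLF line endings or a BOM, a missing or wrong KEY_PASS, and, specific to this setup, the fact that OpensslPkcs7 uses the libcrypto linked into PHP's openssl extension, not the /usr/bin/openssl that OpenSslCliJwtSigner points at. A GOST key is rejected by that libcrypto unless the gost engine is loaded from the openssl.cnf it reads, even when the CLI in the same container handles the key fine. The script below repeats the library's load step on the same file and reports which precondition fails. KEY_PATH, KEY_PASS and CERT_PATH are the environment variable names from the question; the fallback path ./certs/private.key is an assumption.

```php
<?php
// Added diagnostic (example code, not part of the question or of ekapusta/oauth2-esia).
// Repeats the library's own step, openssl_pkey_get_private(), on the same file and
// reports which precondition fails. KEY_PATH / KEY_PASS / CERT_PATH are the env
// names used in the question; the fallback path below is an assumption.

function diagnosePrivateKey(string $keyPath, ?string $passphrase = null, ?string $certPath = null): array
{
    $report = [
        'cwd'         => getcwd(),
        'php_openssl' => OPENSSL_VERSION_TEXT,   // libcrypto linked into PHP, not /usr/bin/openssl
        'key_path'    => $keyPath,
    ];

    // 1. Path: a relative path is resolved against the cwd of the PHP process, not of the shell.
    $resolved = realpath($keyPath);
    if ($resolved === false) {
        $report['error'] = 'file not found relative to ' . getcwd();
        return $report;
    }
    $report['resolved'] = $resolved;

    // 2. Permissions of the file vs. the uid PHP runs as (www-data in most images).
    if (!is_readable($resolved)) {
        $report['error'] = sprintf('not readable: mode %04o, owner uid %d, php uid %d',
            fileperms($resolved) & 0777, fileowner($resolved), getmyuid());
        return $report;
    }
    $pem = file_get_contents($resolved);

    // 3. PEM framing: no BOM, BEGIN/END lines present and matching, LF line endings.
    if (substr($pem, 0, 3) === "\xEF\xBB\xBF") {
        $report['error'] = 'file starts with a UTF-8 BOM';
        return $report;
    }
    if (!preg_match('/^-----BEGIN ([A-Z0-9 ]*PRIVATE KEY)-----\R/', $pem, $m)) {
        $report['error'] = 'missing PEM BEGIN line; first line is: ' . strtok($pem, "\n");
        return $report;
    }
    $report['pem_label'] = $m[1];
    if (!preg_match('/-----END ' . preg_quote($m[1], '/') . '-----\s*$/', $pem)) {
        $report['error'] = 'PEM END line missing or does not match the BEGIN line';
        return $report;
    }
    if (strpos($pem, "\r") !== false) {
        $report['warnings'][] = 'CRLF line endings (pasted from a Windows terminal?)';
    }
    $report['encrypted'] = $m[1] === 'ENCRYPTED PRIVATE KEY'
        || strpos($pem, 'Proc-Type: 4,ENCRYPTED') !== false;

    // 4. The actual load, with the OpenSSL error queue captured instead of discarded.
    while (openssl_error_string() !== false) { /* drain stale errors */ }
    $key = openssl_pkey_get_private($pem, $passphrase);
    if ($key === false) {
        $errors = [];
        while (($e = openssl_error_string()) !== false) {
            $errors[] = $e;
        }
        $report['openssl_errors'] = $errors;
        // "unsupported algorithm" / unknown OID here with a GOST key means the gost
        // engine is not loaded by the libcrypto PHP uses, even if the CLI has it.
        $report['error'] = 'openssl_pkey_get_private() rejected the key';
        return $report;
    }

    // 5. What OpenSSL thinks it loaded; type -1 is an algorithm PHP has no constant for.
    $details = openssl_pkey_get_details($key);
    $report['key_type'] = $details['type'];
    $report['key_bits'] = $details['bits'];

    // 6. Does the private key belong to the certificate that will be presented to the ESIA?
    if ($certPath !== null && is_readable($certPath)) {
        $report['matches_certificate'] = openssl_x509_check_private_key(
            file_get_contents($certPath), $key
        );
    }
    return $report;
}

header('Content-Type: application/json');
echo json_encode(diagnosePrivateKey(
    getenv('KEY_PATH') ?: './certs/private.key',   // assumed default, adjust to the container layout
    getenv('KEY_PASS') ?: null,
    getenv('CERT_PATH') ?: null
), JSON_PRETTY_PRINT), "\n";
```

Run it inside the gost_php container from the same working directory and under the same user as start.php, then compare with `openssl pkey -in certs/private.key -noout` on the CLI (adding `-engine gost` if the engine is not loaded from openssl.cnf). If the CLI loads the key but the script reports openssl_pkey_get_private() errors, PHP and the CLI are using different libcrypto builds or configurations, and the fix belongs in the openssl.cnf that PHP's libcrypto reads rather than in the key file.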
