/**
* Constructor.
* @param string $algorithm
* @throws \DomainException If the specified algorithm is not supported.
*/
public function __construct($algorithm)
{
if (!isset(Jwa::getSupportedAlgorithms()[$algorithm])) {
throw new \DomainException('Specified algorithm is not supported.');
} else {
$this->algorithm = $algorithm;
}
}
/**
* Verifies if a digital signature is valid.
* @return boolean whether a digital signature is valid, false otherwise.
*/
public function verify()
{
switch ($this->header->getAlgorithm()) {
case 'HS256':
case 'HS384':
case 'HS512':
$alg = Jwa::getAlgorithmInstance($this->header, $this->privateKey);
$input = "{$this->encodedHeader}.{$this->encodedPayload}";
$sign = $alg->sign($input);
return self::base64UrlDecode($this->encodedSignature) === $sign;
break;
case 'RS256':
case 'RS384':
case 'RS512':
$alg = Jwa::getAlgorithmInstance($this->header);
$input = "{$this->encodedHeader}.{$this->encodedPayload}";
$sign = self::base64UrlDecode($this->encodedSignature);
return $alg->verify($input, $sign, $this->certificate);
break;
}
return null;
}
