/**
* Authenticate a string
*
* @param string $message
* @param \ParagonIE\Halite\Contract\CryptoKeyInterface $secretKey
* @param boolean $raw
* @throws CryptoAlert\InvalidKey
* @return string
*/
public static function authenticate($message, Contract\CryptoKeyInterface $secretKey, $raw = false)
{
if ($secretKey->isAsymmetricKey()) {
throw new CryptoAlert\InvalidKey('Expected a symmetric key, not an asymmetric key');
}
if (!$secretKey->isSigningKey()) {
throw new CryptoAlert\InvalidKey('Authentication key expected');
}
$mac = self::calculateMAC($message, $secretKey->get());
if ($raw) {
return $mac;
}
return \Sodium\bin2hex($mac);
}
/**
* Verify a signed message with the correct public key
*
* @param string $message Message to verify
* @param Key $publickey
* @param string $signature
* @param boolean $raw Don't hex decode the input?
*
* @return boolean
*/
public static function verify($message, Contract\CryptoKeyInterface $publickey, $signature, $raw = false)
{
if (!$publickey->isSigningKey()) {
throw new CryptoAlert\InvalidKey('Expected a signing key');
}
if (!$publickey->isPublicKey()) {
throw new CryptoAlert\InvalidKey('Expected a public key');
}
if (!$raw) {
$signature = \Sodium\hex2bin($signature);
}
return \Sodium\crypto_sign_verify_detached($signature, $message, $publickey->get());
}
