/** * EMSA-PSS-VERIFY. * * @param string $m * @param string $em * @param int $emBits * @param \Jose\Util\Hash $hash * * @return bool */ private static function verifyEMSAPSS($m, $em, $emBits, Hash $hash) { $emLen = $emBits + 1 >> 3; $sLen = $hash->getLength(); $mHash = $hash->hash($m); Assertion::greaterThan($emLen, $hash->getLength() + $sLen + 2); Assertion::eq($em[mb_strlen($em, '8bit') - 1], chr(0xbc)); $maskedDB = mb_substr($em, 0, -$hash->getLength() - 1, '8bit'); $h = mb_substr($em, -$hash->getLength() - 1, $hash->getLength(), '8bit'); $temp = chr(0xff << ($emBits & 7)); Assertion::eq(~$maskedDB[0] & $temp, $temp); $dbMask = self::getMGF1($h, $emLen - $hash->getLength() - 1, $hash); $db = $maskedDB ^ $dbMask; $db[0] = ~chr(0xff << ($emBits & 7)) & $db[0]; $temp = $emLen - $hash->getLength() - $sLen - 2; Assertion::eq(mb_substr($db, 0, $temp, '8bit'), str_repeat(chr(0), $temp)); Assertion::eq(ord($db[$temp]), 1); $salt = mb_substr($db, $temp + 1, null, '8bit'); // should be $sLen long $m2 = "" . $mHash . $salt; $h2 = $hash->hash($m2); return hash_equals($h, $h2); }