static function verifySigKey($hash, $sig, $pubkey) { $rsa = new rsaMyExts(); $rsa->loadKey($pubkey); $hashBI = new Math_BigInteger($hash, 16); $sigBI = new Math_BigInteger($sig, 16); if ($sigBI->compare($rsa->zero) < 0 || $sigBI->compare($rsa->modulus) > 0) { return false; } // the signature has more bits than the modulus --> the signature cannot has been created by the given key and the exponentiation cannot be performed. $verify = $rsa->_rsaep($sigBI); if ($hashBI->equals($verify)) { return true; } WrongRequestException::throwException(1001, "Error: signature verifcation failed", "verifySig: given hash: {$hash}, calculated hash: " . $verify->toHex()); }