/**
* Authenticate a string
*
* @param string $message
* @param AuthenticationKey $secretKey
* @param boolean $raw
* @throws CryptoException\InvalidKey
* @return string
*/
public static function authenticate($message, Contract\KeyInterface $secretKey, $raw = false)
{
if (!$secretKey instanceof AuthenticationKey) {
throw new CryptoException\InvalidKey('Expected an instnace of AuthenticationKey');
}
if ($secretKey->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Expected a symmetric key, not an asymmetric key');
}
if (!$secretKey->isSigningKey()) {
throw new CryptoException\InvalidKey('Authentication key expected');
}
$config = SymmetricConfig::getConfig(Halite::HALITE_VERSION, 'auth');
$mac = self::calculateMAC($message, $secretKey->get(), $config);
if ($raw) {
return $mac;
}
return \Sodium\bin2hex($mac);
}
/**
* Sign a message with our private key
*
* @param string $message Message to sign
* @param SignatureSecretKey $privateKey
* @param boolean $raw Don't hex encode the output?
*
* @return string Signature (detached)
*
* @throws CryptoException\InvalidKey
*/
public static function sign($message, Contract\KeyInterface $privateKey, $raw = false)
{
if (!$privateKey instanceof SignatureSecretKey) {
throw new CryptoException\InvalidKey('Argument 2: Expected an instance of SignatureSecretKey');
}
if (!$privateKey->isSigningKey()) {
throw new CryptoException\InvalidKey('Expected a signing key');
}
if ($privateKey->isEncryptionKey()) {
throw new CryptoException\InvalidKey('Unexpected encryption key');
}
$signed = \Sodium\crypto_sign_detached($message, $privateKey->get());
if ($raw) {
return $signed;
}
return \Sodium\bin2hex($signed);
}
