/** * Authenticate a string * * @param string $message * @param AuthenticationKey $secretKey * @param boolean $raw * @throws CryptoException\InvalidKey * @return string */ public static function authenticate($message, Contract\KeyInterface $secretKey, $raw = false) { if (!$secretKey instanceof AuthenticationKey) { throw new CryptoException\InvalidKey('Expected an instnace of AuthenticationKey'); } if ($secretKey->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Expected a symmetric key, not an asymmetric key'); } if (!$secretKey->isSigningKey()) { throw new CryptoException\InvalidKey('Authentication key expected'); } $config = SymmetricConfig::getConfig(Halite::HALITE_VERSION, 'auth'); $mac = self::calculateMAC($message, $secretKey->get(), $config); if ($raw) { return $mac; } return \Sodium\bin2hex($mac); }
/** * Sign a message with our private key * * @param string $message Message to sign * @param SignatureSecretKey $privateKey * @param boolean $raw Don't hex encode the output? * * @return string Signature (detached) * * @throws CryptoException\InvalidKey */ public static function sign($message, Contract\KeyInterface $privateKey, $raw = false) { if (!$privateKey instanceof SignatureSecretKey) { throw new CryptoException\InvalidKey('Argument 2: Expected an instance of SignatureSecretKey'); } if (!$privateKey->isSigningKey()) { throw new CryptoException\InvalidKey('Expected a signing key'); } if ($privateKey->isEncryptionKey()) { throw new CryptoException\InvalidKey('Unexpected encryption key'); } $signed = \Sodium\crypto_sign_detached($message, $privateKey->get()); if ($raw) { return $signed; } return \Sodium\bin2hex($signed); }