/**
* RSAVP1
*
* See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}.
*
* @access private
* @param MathBigInteger $s
* @return MathBigInteger
*/
function _rsavp1($s)
{
if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) {
user_error('Signature representative out of range', E_USER_NOTICE);
return false;
}
return $this->_exponentiate($s);
}
/**
* @see AbstractPublicKey::verify($message, $signature)
*/
public function verify($message, $signature)
{
$params = DSAKeyPair::$KEYSIZES[$this->keysize];
$hash_alg = $params["hashAlg"];
$hexlength = $params["q_bitlength"] / 4;
// we pre-pad with 0s because encoding may have gotten rid of some
$signature = Utils::hex_lpad(bin2hex($signature), $hexlength * 2);
// now this should only happen if the signature was longer
if (strlen($signature) != $hexlength * 2) {
throw new \Exception("problem with r/s combo: " . sizeof($signature) . "/" . $hexlength . " - " . $signature);
}
$r = new MathBigInteger(substr($signature, 0, $hexlength), 16);
$s = new MathBigInteger(substr($signature, $hexlength, $hexlength), 16);
// check rangeconstraints
if ($r->compare(DSAKeyPair::$zero) < 0 || $r->compare($this->key_q) > 0) {
throw new \Exception("problem with r: " . $r->toString());
}
if ($s->compare(DSAKeyPair::$zero) < 0 || $s->compare($this->key_q) > 0) {
throw new \Exception("problem with s: " . $r->toString());
}
return CryptDSA::verify($message, $hash_alg, $r, $s, $this->key_p, $this->key_q, $this->key_g, $this->key_y);
}
