function rsa_kyp_verify($message, $public_key, $modulus, $keylength)
{
$number = binary_to_number($message);
$decrypted = pow_mod($number, $public_key, $modulus);
$result = number_to_binary($decrypted, $keylength / 8);
return remove_KYP_padding($result, $keylength / 8);
}
/**
*
* @param $message // $message is expected to be binary data
* @param $private_key // $modulus should be numbers in (decimal) string format
* @param $modulus // $modulus should be numbers in (decimal) string format
* @param $keylength // int
* @param $hash_func // name of hash function, which will be used during signing
* @return boolean // true or false
*/
function rsa_verify($document, $signature, $public_key, $modulus, $keylength, $hash_func)
{
//only suport sha1 or md5 digest now
if (!function_exists($hash_func) && (strcmp($hash_func, 'sha1') == 0 || strcmp($hash_func, 'md5') == 0)) {
return false;
}
$document_digest_info = $hash_func($document);
$number = binary_to_number(base64_decode($signature));
$decrypted = pow_mod($number, $public_key, $modulus);
$decrypted_bytes = number_to_binary($decrypted, $keylength / 8);
if ($hash_func == "sha1") {
$result = remove_PKCS1_padding_sha1($decrypted_bytes, $keylength / 8);
} else {
$result = remove_PKCS1_padding_md5($decrypted_bytes, $keylength / 8);
}
return hex2bin($document_digest_info) == $result;
}