/** * Sign a message with our private key * * @param string $message Message to sign * @param SignatureSecretKey $privateKey * @param boolean $raw Don't hex encode the output? * * @return string Signature (detached) * * @throws CryptoException\InvalidKey */ public static function sign($message, Contract\KeyInterface $privateKey, $raw = false) { if (!$privateKey instanceof SignatureSecretKey) { throw new CryptoException\InvalidKey('Argument 2: Expected an instance of SignatureSecretKey'); } if (!$privateKey->isSigningKey()) { throw new CryptoException\InvalidKey('Expected a signing key'); } if ($privateKey->isEncryptionKey()) { throw new CryptoException\InvalidKey('Unexpected encryption key'); } $signed = \Sodium\crypto_sign_detached($message, $privateKey->get()); if ($raw) { return $signed; } return \Sodium\bin2hex($signed); }