/**
* @return bool
*/
public function verifySignature()
{
if ($this->request->getPkiType() === 'none') {
return true;
}
$algorithm = $this->request->getPkiType() === 'x509+sha256' ? OPENSSL_ALGO_SHA256 : OPENSSL_ALGO_SHA1;
$signature = $this->request->getSignature();
$clone = clone $this->request;
$clone->setSignature('');
$data = $clone->serialize();
// Parse the public key
$certificates = new X509CertificatesBuf();
$certificates->parse($clone->getPkiData());
$certificate = $this->der2pem($certificates->getCertificate(0));
$pubkeyid = openssl_pkey_get_public($certificate);
return 1 === openssl_verify($data, $signature, $pubkeyid, $algorithm);
}
