/**
* Verify a MAC
*
* @param string $mac
* @param string $message
* @param string $aKey
* @return bool
*/
protected static function verifyMAC($mac, $message, $aKey)
{
return \Sodium\crypto_auth_verify($mac, $message, $aKey);
}
/**
* Verify a MAC
*
* @param string $mac
* @param string $message
* @param string $aKey
* @return bool
* @throws CryptoException\InvalidSignature
*/
protected static function verifyMAC(string $mac, string $message, string $aKey) : bool
{
if (CryptoUtil::safeStrlen($mac) !== \Sodium\CRYPTO_AUTH_BYTES) {
throw new CryptoException\InvalidSignature('Message Authentication Code is not the correct length; is it encoded?');
}
return \Sodium\crypto_auth_verify($mac, $message, $aKey);
}
/**
* @param string $encrypted
*
* @throws CryptoException
*
* @return string
*/
public function decrypt($encrypted)
{
if (!$encrypted || !is_string($encrypted)) {
throw new CryptoException(sprintf(self::ERR_CANNOT_DECRYPT, gettype($encrypted)));
}
// Sanity check size of payload is larger than MAC + NONCE
if (ByteString::strlen($encrypted) < self::NONCE_SIZE_BYTES + \Sodium\CRYPTO_AUTH_BYTES) {
throw new CryptoException(self::ERR_SIZE);
}
// Split into nonce, mac, and encrypted payload
$nonce = ByteString::substr($encrypted, 0, self::NONCE_SIZE_BYTES);
$mac = ByteString::substr($encrypted, self::NONCE_SIZE_BYTES, \Sodium\CRYPTO_AUTH_BYTES);
$encrypted = ByteString::substr($encrypted, self::NONCE_SIZE_BYTES + \Sodium\CRYPTO_AUTH_BYTES);
// Verify MAC
try {
$isVerified = \Sodium\crypto_auth_verify($mac, $nonce . $encrypted, $this->authSecret->getValue());
} catch (Exception $ex) {
throw new CryptoException(sprintf(self::ERR_DECODE_UNEXPECTED, $ex->getMessage()), $ex->getCode(), $ex);
}
if (!$isVerified) {
throw new CryptoException(self::ERR_DECODE);
}
// Decrypt authenticated payload
try {
$unencrypted = \Sodium\crypto_secretbox_open($encrypted, $nonce, $this->cryptoSecret->getValue());
} catch (Exception $ex) {
throw new CryptoException(sprintf(self::ERR_DECRYPT, $ex->getMessage()), $ex->getCode(), $ex);
}
return $unencrypted;
}
/**
* Validates a message signature and returns the signed message.
*
* @param string $message The signed message JSON string.
* @param string $key The signing key used with the message.
* @param string $hashKey The key to hash the key with.
* @return string A string returning the output of the signed message.
* @throws Exceptions\InvalidTypeException
* @throws Exceptions\SignatureException
*/
public static function verifyMessage($message, $key, $hashKey = '')
{
# Test the message and key for string validity.
Helpers::isString($message, 'Encryption', 'verifyMessage');
Helpers::isString($key, 'Encryption', 'verifyMessage');
Helpers::isString($hashKey, 'Encryption', 'verifyMessage');
# Create a special hashed key for encryption.
$key = Hash::hash($key, $hashKey, Constants::AUTH_KEYBYTES);
# Decode the message from JSON.
$message = base64_decode(json_decode($message, true));
if (\Sodium\crypto_auth_verify(Helpers::hex2bin($message['mac']), $message['msg'], $key)) {
\Sodium\memzero($key);
return $message['msg'];
} else {
\Sodium\memzero($key);
throw new Exceptions\SignatureException('Signature for message invalid.');
}
}
