/**
* {@inheritdoc}
*/
public function verify(JWKInterface $key, $data, $signature)
{
$this->checkKey($key);
$signature = $this->convertBinToHex($signature);
$part_length = $this->getSignaturePartLength();
if (strlen($signature) !== 2 * $part_length) {
return false;
}
$p = $this->getGenerator();
$x = $this->convertBase64ToDec($key->getValue('x'));
$y = $this->convertBase64ToDec($key->getValue('y'));
$R = $this->convertHexToDec(substr($signature, 0, $part_length));
$S = $this->convertHexToDec(substr($signature, $part_length));
$hash = $this->convertHexToDec(hash($this->getHashAlgorithm(), $data));
$public_key = $p->getPublicKeyFrom($x, $y);
$signer = EccFactory::getSigner();
return $signer->verify($public_key, new Signature($R, $S), $hash);
}
/**
* @param Adapter|null $adapter
* @param EcdsaSigner|null $signer
* @param KeyParser|null $parser
*/
public function __construct(Adapter $adapter = null, Signer $signer = null, KeyParser $parser = null)
{
$this->adapter = $adapter ?: EccFactory::getAdapter();
$this->signer = $signer ?: EccFactory::getSigner($this->adapter);
$this->parser = $parser ?: new KeyParser($this->adapter);
}
/**
* @param \Jose\Object\JWKInterface $key
* @param string $data
* @param string $R
* @param string $S
*
* @return bool
*/
private function verifyPHPECCSignature(JWKInterface $key, $data, $R, $S)
{
$p = $this->getGenerator();
$x = $this->convertBase64ToGmp($key->get('x'));
$y = $this->convertBase64ToGmp($key->get('y'));
$hash = $this->convertHexToGmp(hash($this->getHashAlgorithm(), $data));
$public_key = $p->getPublicKeyFrom($x, $y);
$signer = EccFactory::getSigner();
return $signer->verify($public_key, new Signature($this->convertHexToGmp($R), $this->convertHexToGmp($S)), $hash);
}
/**
* after_request
* Hook for PHP Requests
*
* @param \Requests_Response $return
*
* @throws
*/
public function after_request(\Requests_Response &$return)
{
$headers = $return->headers;
$url = $return->url;
$data = $return->body;
$signature = $headers['x-signature'];
if ($this->debug) {
echo "\n\nResponse Data:\n";
var_dump($return);
}
// Check if signature header exists, if not the request failed
if (!isset($headers['x-signature']) or $headers['x-signature'] == '') {
throw new \Exception('Request Failed');
}
// build up the data to be signed
$request_data = $this->service_name . "\n" . $headers['date'] . "\n" . $url . "\n";
if (!empty($data)) {
$request_data .= trim($data);
}
// try and validate the signature
// ------------------------------------
$generator = EccFactory::getNistCurves()->generator256();
$order_len = strlen($this->math_adapter->decHex($generator->getOrder()));
$x = $this->math_adapter->hexDec(substr($this->public_key, 0, $order_len));
$y = $this->math_adapter->hexDec(substr($this->public_key, $order_len));
$point = new Point($this->math_adapter, EccFactory::getNistCurves()->curve256(), $x, $y, $generator->getOrder());
$public_key = new PublicKey($this->math_adapter, $generator, $point);
$r = $this->math_adapter->hexDec(substr($signature, 0, $order_len));
$s = $this->math_adapter->hexDec(substr($signature, $order_len));
$signature = new Signature($r, $s);
$signer = EccFactory::getSigner();
$check_hash = $this->math_adapter->hexDec(hash("sha256", $request_data));
$result = $signer->verify($public_key, $signature, $check_hash);
// ------------------------------------
//$result = \ECDSA::validate($request_data, $signature, $this->public_key);
// if signature validation failed, throw exception
if ($result !== TRUE) {
throw new \Exception('Signature Does Not Validate!');
}
}
