/** * {@inheritdoc} */ public function verify(JWKInterface $key, $data, $signature) { $this->checkKey($key); $signature = $this->convertBinToHex($signature); $part_length = $this->getSignaturePartLength(); if (strlen($signature) !== 2 * $part_length) { return false; } $p = $this->getGenerator(); $x = $this->convertBase64ToDec($key->getValue('x')); $y = $this->convertBase64ToDec($key->getValue('y')); $R = $this->convertHexToDec(substr($signature, 0, $part_length)); $S = $this->convertHexToDec(substr($signature, $part_length)); $hash = $this->convertHexToDec(hash($this->getHashAlgorithm(), $data)); $public_key = $p->getPublicKeyFrom($x, $y); $signer = EccFactory::getSigner(); return $signer->verify($public_key, new Signature($R, $S), $hash); }
/** * @param Adapter|null $adapter * @param EcdsaSigner|null $signer * @param KeyParser|null $parser */ public function __construct(Adapter $adapter = null, Signer $signer = null, KeyParser $parser = null) { $this->adapter = $adapter ?: EccFactory::getAdapter(); $this->signer = $signer ?: EccFactory::getSigner($this->adapter); $this->parser = $parser ?: new KeyParser($this->adapter); }
/** * @param \Jose\Object\JWKInterface $key * @param string $data * @param string $R * @param string $S * * @return bool */ private function verifyPHPECCSignature(JWKInterface $key, $data, $R, $S) { $p = $this->getGenerator(); $x = $this->convertBase64ToGmp($key->get('x')); $y = $this->convertBase64ToGmp($key->get('y')); $hash = $this->convertHexToGmp(hash($this->getHashAlgorithm(), $data)); $public_key = $p->getPublicKeyFrom($x, $y); $signer = EccFactory::getSigner(); return $signer->verify($public_key, new Signature($this->convertHexToGmp($R), $this->convertHexToGmp($S)), $hash); }
/** * after_request * Hook for PHP Requests * * @param \Requests_Response $return * * @throws */ public function after_request(\Requests_Response &$return) { $headers = $return->headers; $url = $return->url; $data = $return->body; $signature = $headers['x-signature']; if ($this->debug) { echo "\n\nResponse Data:\n"; var_dump($return); } // Check if signature header exists, if not the request failed if (!isset($headers['x-signature']) or $headers['x-signature'] == '') { throw new \Exception('Request Failed'); } // build up the data to be signed $request_data = $this->service_name . "\n" . $headers['date'] . "\n" . $url . "\n"; if (!empty($data)) { $request_data .= trim($data); } // try and validate the signature // ------------------------------------ $generator = EccFactory::getNistCurves()->generator256(); $order_len = strlen($this->math_adapter->decHex($generator->getOrder())); $x = $this->math_adapter->hexDec(substr($this->public_key, 0, $order_len)); $y = $this->math_adapter->hexDec(substr($this->public_key, $order_len)); $point = new Point($this->math_adapter, EccFactory::getNistCurves()->curve256(), $x, $y, $generator->getOrder()); $public_key = new PublicKey($this->math_adapter, $generator, $point); $r = $this->math_adapter->hexDec(substr($signature, 0, $order_len)); $s = $this->math_adapter->hexDec(substr($signature, $order_len)); $signature = new Signature($r, $s); $signer = EccFactory::getSigner(); $check_hash = $this->math_adapter->hexDec(hash("sha256", $request_data)); $result = $signer->verify($public_key, $signature, $check_hash); // ------------------------------------ //$result = \ECDSA::validate($request_data, $signature, $this->public_key); // if signature validation failed, throw exception if ($result !== TRUE) { throw new \Exception('Signature Does Not Validate!'); } }