/**
* Sign a message with our private key
*
* @param string $message Message to sign
* @param SignatureSecretKey $privateKey
* @param boolean $raw Don't hex encode the output?
*
* @return string Signature (detached)
*
* @throws CryptoException\InvalidKey
*/
public static function sign($message, Contract\KeyInterface $privateKey, $raw = false)
{
if (!$privateKey instanceof SignatureSecretKey) {
throw new CryptoException\InvalidKey('Argument 2: Expected an instance of SignatureSecretKey');
}
if (!$privateKey->isSigningKey()) {
throw new CryptoException\InvalidKey('Expected a signing key');
}
if ($privateKey->isEncryptionKey()) {
throw new CryptoException\InvalidKey('Unexpected encryption key');
}
$signed = \Sodium\crypto_sign_detached($message, $privateKey->get());
if ($raw) {
return $signed;
}
return \Sodium\bin2hex($signed);
}
