/** * Verifies a signature. * * @param \Jose\KeyConverter\RSAKey $key * @param string $message * @param string $signature * @param string $hash * * @return bool */ public static function verify(RSAKey $key, $message, $signature, $hash) { Assertion::string($message); Assertion::string($signature); Assertion::string($hash); Assertion::inArray($hash, ['sha256', 'sha384', 'sha512']); Assertion::eq(strlen($signature), $key->getModulusLength()); $modBits = 8 * $key->getModulusLength(); $s2 = self::convertOctetStringToInteger($signature); $m2 = self::getRSAVP1($key, $s2); Assertion::isInstanceOf($m2, BigInteger::class); $em = self::convertIntegerToOctetString($m2, $modBits >> 3); return self::verifyEMSAPSS($message, $em, $modBits - 1, Hash::$hash()); }