public static function ParagonIE_Sodium_Core32_Ed25519::verify_detached in Automatic Updates 7
Same name and namespace in other branches
- 8 vendor/paragonie/sodium_compat/src/Core32/Ed25519.php \ParagonIE_Sodium_Core32_Ed25519::verify_detached()
@internal You should not use this directly from another application
Parameters
string $sig:
string $message:
string $pk:
Return value
bool
Throws
SodiumException
TypeError
2 calls to ParagonIE_Sodium_Core32_Ed25519::verify_detached()
- ParagonIE_Sodium_Core32_Ed25519::sign_open in vendor/
paragonie/ sodium_compat/ src/ Core32/ Ed25519.php - @internal You should not use this directly from another application
- ParagonIE_Sodium_Crypto32::sign_verify_detached in vendor/
paragonie/ sodium_compat/ src/ Crypto32.php - Verify a detached signature of a given message and public key.
File
- vendor/
paragonie/ sodium_compat/ src/ Core32/ Ed25519.php, line 276
Class
- ParagonIE_Sodium_Core32_Ed25519
- Class ParagonIE_Sodium_Core32_Ed25519
Code
public static function verify_detached($sig, $message, $pk) {
if (self::strlen($sig) < 64) {
throw new SodiumException('Signature is too short');
}
if (self::chrToInt($sig[63]) & 240 && self::check_S_lt_L(self::substr($sig, 32, 32))) {
throw new SodiumException('S < L - Invalid signature');
}
if (self::small_order($sig)) {
throw new SodiumException('Signature is on too small of an order');
}
if ((self::chrToInt($sig[63]) & 224) !== 0) {
throw new SodiumException('Invalid signature');
}
$d = 0;
for ($i = 0; $i < 32; ++$i) {
$d |= self::chrToInt($pk[$i]);
}
if ($d === 0) {
throw new SodiumException('All zero public key');
}
/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
$orig = ParagonIE_Sodium_Compat::$fastMult;
// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
ParagonIE_Sodium_Compat::$fastMult = true;
/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
$A = self::ge_frombytes_negate_vartime($pk);
/** @var string $hDigest */
$hDigest = hash('sha512', self::substr($sig, 0, 32) . self::substr($pk, 0, 32) . $message, true);
/** @var string $h */
$h = self::sc_reduce($hDigest) . self::substr($hDigest, 32);
/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
$R = self::ge_double_scalarmult_vartime($h, $A, self::substr($sig, 32));
/** @var string $rcheck */
$rcheck = self::ge_tobytes($R);
// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
ParagonIE_Sodium_Compat::$fastMult = $orig;
return self::verify_32($rcheck, self::substr($sig, 0, 32));
}