checkKey($key); if (!$key->has('d')) { throw new InvalidArgumentException('The EC key is not private'); } $pem = ECKey::convertPrivateKeyToPEM($key); openssl_sign($input, $signature, $pem, $this->getHashAlgorithm()); return ECSignature::fromAsn1($signature, $this->getSignaturePartLength()); } public function verify(JWK $key, string $input, string $signature): bool { $this->checkKey($key); try { $der = ECSignature::toAsn1($signature, $this->getSignaturePartLength()); $pem = ECKey::convertPublicKeyToPEM($key); return 1 === openssl_verify($input, $der, $pem, $this->getHashAlgorithm()); } catch (Throwable $e) { return false; } } abstract protected function getHashAlgorithm(): string; abstract protected function getSignaturePartLength(): int; private function checkKey(JWK $key): void { if (!in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { throw new InvalidArgumentException('Wrong key type.'); } foreach (['x', 'y', 'crv'] as $k) { if (!$key->has($k)) { throw new InvalidArgumentException(sprintf('The key parameter "%s" is missing.', $k)); } } } }