public static function verify($msg, $signature, $key, $method = 'HS256')
{
if (empty(self::$methods[$method])) {
throw new DomainException('Algorithm not supported');
}
list($function, $algo) = self::$methods[$method];
switch ($function) {
case 'openssl':
$success = openssl_verify($msg, $signature, $key, $algo);
if (!$success) {
throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string());
} else {
return $signature;
}
case 'hash_hmac':
default:
$hash = hash_hmac($algo, $msg, $key, true);
$len = min(strlen($signature), strlen($hash));
$status = 0;
for ($i = 0; $i < $len; $i++) {
$status |= ord($signature[$i]) ^ ord($hash[$i]);
}
$status |= strlen($signature) ^ strlen($hash);
return $status === 0;
}
}