/**
* Verifies a signature.
*
* @param \Jose\KeyConverter\RSAKey $key
* @param string $message
* @param string $signature
* @param string $hash
*
* @return bool
*/
public static function verify(RSAKey $key, $message, $signature, $hash)
{
Assertion::string($message);
Assertion::string($signature);
Assertion::string($hash);
Assertion::inArray($hash, ['sha256', 'sha384', 'sha512']);
Assertion::eq(strlen($signature), $key->getModulusLength());
$modBits = 8 * $key->getModulusLength();
$s2 = self::convertOctetStringToInteger($signature);
$m2 = self::getRSAVP1($key, $s2);
Assertion::isInstanceOf($m2, BigInteger::class);
$em = self::convertIntegerToOctetString($m2, $modBits >> 3);
return self::verifyEMSAPSS($message, $em, $modBits - 1, Hash::$hash());
}