ValidationService.php
60 lines
| 1 | <?php |
| 2 | |
| 3 | namespace AmeliaBooking\Application\Services\Validation; |
| 4 | |
| 5 | use AmeliaVendor\phpseclib3\Crypt\PublicKeyLoader; |
| 6 | use AmeliaVendor\phpseclib3\Crypt\RSA; |
| 7 | |
| 8 | class ValidationService |
| 9 | { |
| 10 | private const SITE_PUBLIC_KEYS = [ |
| 11 | 'middleware' => <<<PEM |
| 12 | -----BEGIN PUBLIC KEY----- |
| 13 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBviz1x8ocjJnoGmum6E |
| 14 | vBG1jz5Hnr/FNA9lYnoYVCP3P/gFm77AFP+vfl+jCLyWzB22uD8uoea/stUmP9U9 |
| 15 | 0bqVT5jMZorb4BoesPD8fG+iz8WzdfotRo/xatlhyZkE+9nE45BWHwZulf0ff1P8 |
| 16 | IKi6FLtXukqngJ+m63fJ0GelAH8KuMj6gzM1O+SSojGO+HBCdwlCcrxBal5M2x3Z |
| 17 | dSKBh3U+qdCtnRSahkAO3DU7O2d9U+HZWBaKUJcb0LB1pM9mUlb3oFIaxQjLNdIk |
| 18 | krr9L9okRlHeB1MqxfraexHRMmcrq1jawAerFIwSQrcZHGiQalbi3PKYZFEJgxqX |
| 19 | WQIDAQAB |
| 20 | -----END PUBLIC KEY----- |
| 21 | PEM, |
| 22 | 'smsApi' => <<<PEM |
| 23 | -----BEGIN PUBLIC KEY----- |
| 24 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQSBshtWYj1Rw/iGs0xp |
| 25 | 29W/NKRhzLie3uwqYMptFtOJhqeSLjs3FY8d+1DPj/C54GO7oGLDwNCA20hM0GvY |
| 26 | MjedibdqTLZkBieOhfhXLMr4GvMN7vkquNw4AWuEZldWqwM8KWR0LTFkzrF4DfxE |
| 27 | 80JvybkVnoai1M4ceD5nQ3IJg6C1JBMhG4OLo3rbO1tPOA/KtLbLOZrJwHXjcpNn |
| 28 | TLF+HlIjt8GAx3euu+mIcyPQy8wfDmLXLBcLU7F6lkQBNaIVznYbx106brgZj++b |
| 29 | K1QOKbCrIUcLeaproTvLkxiBMashor2MNwhWbCLtiQ2+Wbm1vruAXyJmmmXTw8B6 |
| 30 | yQIDAQAB |
| 31 | -----END PUBLIC KEY----- |
| 32 | PEM |
| 33 | ]; |
| 34 | |
| 35 | /** |
| 36 | * @param string $stringToVerify |
| 37 | * @param string $site |
| 38 | * @param string $signature |
| 39 | * |
| 40 | * @return bool |
| 41 | */ |
| 42 | public static function verifySignature($stringToVerify, $site, $signature) |
| 43 | { |
| 44 | if (!$signature || !isset(self::SITE_PUBLIC_KEYS[$site]) || !$stringToVerify) { |
| 45 | return false; |
| 46 | } |
| 47 | |
| 48 | $signature = base64_decode($signature); |
| 49 | |
| 50 | /** @var RSA\PublicKey $publicKey */ |
| 51 | $publicKey = PublicKeyLoader::load(self::SITE_PUBLIC_KEYS[$site]); |
| 52 | |
| 53 | $publicKey = $publicKey |
| 54 | ->withPadding(RSA::SIGNATURE_PKCS1) |
| 55 | ->withHash('sha256'); |
| 56 | |
| 57 | return $publicKey->verify($stringToVerify, $signature); |
| 58 | } |
| 59 | } |
| 60 |