verify method

@override Future<bool> verify(List<int> message, { required Signature signature, })

Verifies whether bytes was signed with signature.

Example

In this example, we use Ed25519:

import 'package:cryptography/cryptography.dart';

Future<void> main() async {
  final signedMessage = [1,2,3];

  final ed25519 = Ed25519();
  final keyPair = await ed25519.newKeyPair();
  final signature = await ed25519.sign(
    signedMessage,
    keyPair: keyPair,
  );

  // ...

  final isRealSignature = await ed25519.verify(
    signedMessage,
    signature: signature,
  );

  print('Signature verification result: $isRealSignature');
}

Implementation

@override
Future<bool> verify(List<int> message, {required Signature signature}) async {
  // Check that parameters appear valid
  final publicKeyBytes = (signature.publicKey as SimplePublicKey).bytes;
  final signatureBytes = signature.bytes;
  if (publicKeyBytes.length != 32) {
    throw ArgumentError.value(
      signature,
      'signature',
      'Invalid public key length',
    );
  }
  if (signatureBytes.length != 64) {
    throw ArgumentError.value(
      signature,
      'signature',
      'Invalid signature length',
    );
  }

  // Decompress `a`
  final a = _pointDecompress(publicKeyBytes);
  if (a == null) {
    return false;
  }

  // Decompress `r`
  final rBytes = signatureBytes.sublist(0, 32);
  final r = _pointDecompress(rBytes);
  if (r == null) {
    return false;
  }

  // Get `s`
  final s = bigIntFromBytes(signatureBytes.sublist(32));
  if (s >= RegisterL.constantL) {
    return false;
  }

  // Calculate `h`
  final hh = await _sha512.hash(_join([rBytes, publicKeyBytes, message]));
  final h = RegisterL();
  h.readBytes(hh.bytes);

  // Calculate: s * basePoint
  final sB = _pointMul(Register25519()..setBigInt(s), Ed25519Point.base);

  // Calculate: h * a + r
  final rhA = Ed25519Point.zero();
  _pointAdd(
    rhA,
    _pointMul(h.toRegister25519(), a),
    r,
  );

  // Compare
  return sB.equals(rhA);
}