nextcloud · come-nc · Jun 22, 2026 · Jun 22, 2026 · Jun 22, 2026
@@ -87,13 +87,16 @@ public static function verify(string $signatureBase, string $signature, Key $key
 				throw new SignatureException('verifying Ed25519 signatures requires ext-sodium');
 			}
 			if (strlen($signature) !== SODIUM_CRYPTO_SIGN_BYTES) {
+				echo __LINE__ . " return false\n";
 				return false;
 			}
 			// parseKey hands OKP material as plain base64 of the 32 raw bytes.
 			$rawPublic = base64_decode((string)$material, true);
 			if ($rawPublic === false || strlen($rawPublic) !== SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES) {
+				echo __LINE__ . " return false\n";
 				return false;
 			}
+			echo __LINE__ . " return ?\n";
 			return sodium_crypto_sign_verify_detached($signature, $signatureBase, $rawPublic);
 		}
 
@@ -102,10 +105,12 @@ public static function verify(string $signatureBase, string $signature, Key $key
 		if ($encoding === 'ecdsa') {
 			$signature = self::ecdsaRawToDer($signature, self::ecdsaCoordinateSize($resolved));
 			if ($signature === null) {
+				echo __LINE__ . " return false\n";
 				return false;
 			}
 		}
 
+		echo __LINE__ . ' return ' . openssl_verify($signatureBase, $signature, $material, $opensslAlgo) . "\n";
 		return openssl_verify($signatureBase, $signature, $material, $opensslAlgo) === 1;
 	}
 

@@ -88,6 +88,9 @@ public function testRsaPkcs1RoundTrip(): void {
 	public function testEcdsaP256RoundTrip(): void {
 		[$priv, $key] = $this->ecKeyPair('prime256v1', 'P-256', 'ES256');
 		$sig = Algorithm::sign('payload', $priv, 'ecdsa-p256-sha256');
+		echo "sig:$sig\n";
+		// echo "key:$key\n";
+		echo 'key:' . serialize($key) . "\n";
 		$this->assertSame(64, strlen($sig));
 		$this->assertTrue(Algorithm::verify('payload', $sig, $key, 'ecdsa-p256-sha256'));
 		$this->assertTrue(Algorithm::verify('payload', $sig, $key, 'ES256'));
@@ -96,6 +99,8 @@ public function testEcdsaP256RoundTrip(): void {
 	public function testEcdsaP384RoundTrip(): void {
 		[$priv, $key] = $this->ecKeyPair('secp384r1', 'P-384', 'ES384');
 		$sig = Algorithm::sign('payload', $priv, 'ecdsa-p384-sha384');
+		echo "sig:$sig\n";
+		echo 'key:' . serialize($key) . "\n";
 		$this->assertSame(96, strlen($sig));
 		$this->assertTrue(Algorithm::verify('payload', $sig, $key, 'ecdsa-p384-sha384'));
 	}