Documentation

unsign

string public
\Bitrix\Main\Security\Sign\TimeSigner::unsign(
 string $signedValue,
 string|null $salt = null
);

Non-static method verifies message signature and lifetime. When both parameters are OK, returns original message.

Parameters

ParameterDescriptionVersion
$signedValueSigned value must have the format: {message}{separator}{expired timestamp}{separator}{signature}.
$saltSalt, if required.

Exceptions

Example

 $signer = new TimeSigner;

 // Sing message for 1 second
 $signedValue = $signer->sign('test', '+1 second');

 // Or sign with expiring on some magic timestamp (e.g. 01.01.2030)
 $signedValue = $signer->sign('test', 1893445200);

 // Get original message with checking
 echo $signer->unsign($signedValue);
 // Output: 'test'

 // Try to unsigning not signed value
 echo $signer->unsign('test');
 //throw BadSignatureException with message 'Separator not found in value'

 // Or with invalid sign
 echo $signer->unsign('test.invalid_sign');

 // Or invalid salt
 echo $signer->unsign($signedValue, 'invalid_salt');
 //throw BadSignatureException with message 'Signature does not match'

 // Or expired lifetime
 echo $signer->unsign($signedValue);
 //throw BadSignatureException with message 'Signature timestamp expired (1403039921 < 1403040024)'



© «Bitrix24», 2001-2024