downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | links | conferences | my php.net

search for in the

gopher> <gnupg
Last updated: Wed, 22 Jul 2009

view this page in

gnupg_verify

(PECL gnupg:0.1-1.3.1)

gnupg_verify — Verifies a signed text

Description

array gnupg_verify ( resource $identifier , string $signed_text , string $signature [, string &$plaintext ] )

Verifies the given signed_text and returns information about the signature. To verify a clearsigned text, set signature to FALSE. If the optional parameter plaintext is passed, it is filled with the plaintext .

Return Values

On success, this function returns informations about the signature. On failure, this function returns FALSE.

Voorbeelden

Example#1 Procedural gnupg_verify() example

<?php
$plaintext "";
$res gnupg_init();
// clearsigned
$info gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

Example#2 OO gnupg_verify() example

<?php
$plaintext "";
$gpg = new gnupg();
// clearsigned
$info $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info $gpg -> verify($signed_text,$signature);
print_r($info);
?>



add a note add a note User Contributed Notes
gnupg_verify
dd at hibm dot org
26-Feb-2009 02:48
If verification fails, the gnupg_verify() returns the key's id instead of fingerprint .  It does not return FALSE as stated above (PHP4, have not tested PHP5).  You can compare it with result of keyinfo:

<?php
$resultOfVerify = gnupg_verify($gpgresource, $message,FALSE,$key);
echo "<pre>\$resultOfVerify",print_r($resultOfVerify),"</pre>";
//Above will out put something like
?>
$resultOfVerify Array
(
    [0] => Array
        (
            [fingerprint] => xxxxxxxxx (IF MESSAGE IS VERIFIED, THEN THIS MATCHES THE KEY FINGERPRINT OF THE KEY, IF UNVERIFIED, MATCHES THE KEY ID
            [validity] => 0
            [timestamp] => 0
            [status] => NNNNNN
            [summary] => 4
        )

)

<?php
$keyinfo = gnupg_keyinfo($gpgresource,$key);
echo "<pre>\$keyinfo ",print_r($keyinfo),"</pre>";
//Above will out put something like
?>
$keyinfo Array
(
    [0] => Array
        (
            [disabled] =>
            [expired] =>
            [revoked] =>
            [is_secret] =>
            [can_sign] => 1
            [can_encrypt] => 1
            [uids] => Array
                (
                    [0] => Array
                        (
                            [name] => WHATEVER
                            [comment] =>
                            [email] =>
                            [uid] => WHATEVER
                            [revoked] =>
                            [invalid] =>
                        )

                )

            [subkeys] => Array
                (
                    [0] => Array
                        (
                            [fingerprint] => xxxxxxxxxxxxxxxxxx 
                            [keyid] => xxxxxxxxx
                            [timestamp] => xxxxxxxxx
                            [expires] => 0
                            [is_secret] =>
                            [invalid] =>
                            [can_encrypt] => 1
                            [can_sign] => 1
                            [disabled] =>
                            [expired] =>
                            [revoked] =>
                        )

                )

        )

<?php
//To test if a message/signature pair is verified
if($resultOfVerify[0]['fingerprint'] == $keyinfo[0]['subkeys'][0]['fingerprint']){
   //Ok, verified
}else{
  //Oops, NOT verified
}

?>
kae at verens dot com
19-Sep-2008 01:27
You can see who made the signature by checking its fingerprint:

<?php
$res = gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if($info !== false){
  $fingerprint = $info['fingerprint'];
  var_dump(gnupg_keyinfo($res, $fingerprint));
}
add a note add a note

gopher> <gnupg
Last updated: Wed, 22 Jul 2009
 
 
show source | credits | stats | sitemap | contact | advertising | mirror sites