PHP Doku:: Verifies a signed text - function.gnupg-verify.html

Verlauf / Chronik / History: (1) anzeigen

Sie sind hier:
Doku-StartseitePHP-HandbuchFunktionsreferenzNon-Text MIME-AusgabenGNU Privacy GuardGnuPG Funktionengnupg_verify

Ein Service von Reinhard Neidl - Webprogrammierung.

GnuPG Funktionen

<<gnupg_sign

Haru PDF>>

gnupg_verify

(PECL gnupg >= 0.1)

gnupg_verifyVerifies a signed text

Beschreibung

array gnupg_verify ( resource $identifier , string $signed_text , string $signature [, string &$plaintext ] )

Verifies the given signed_text and returns information about the signature.

Parameter-Liste

identifier

Eine von gnupg_init() oder der Klasse gnupg zurückgegebene GnuPG-Ressource.

signed_text

The signed text.

signature

The signature. To verify a clearsigned text, set signature to FALSE.

plaintext

The plain text. If this optional parameter is passed, it is filled with the plain text.

Rückgabewerte

On success, this function returns information about the signature. On failure, this function returns FALSE.

Beispiele

Beispiel #1 Procedural gnupg_verify() example

<?php
$plaintext 
"";
$res gnupg_init();
// clearsigned
$info gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

Beispiel #2 OO gnupg_verify() example

<?php
$plaintext 
"";
$gpg = new gnupg();
// clearsigned
$info $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info $gpg -> verify($signed_text,$signature);
print_r($info);
?>


2 BenutzerBeiträge:
- Beiträge aktualisieren...
dd at hibm dot org
26.02.2009 2:48
If verification fails, the gnupg_verify() returns the key's id instead of fingerprint .  It does not return FALSE as stated above (PHP4, have not tested PHP5).  You can compare it with result of keyinfo:

<?php
$resultOfVerify
= gnupg_verify($gpgresource, $message,FALSE,$key);
echo
"<pre>\$resultOfVerify",print_r($resultOfVerify),"</pre>";
//Above will out put something like
?>
$resultOfVerify Array
(
    [0] => Array
        (
            [fingerprint] => xxxxxxxxx (IF MESSAGE IS VERIFIED, THEN THIS MATCHES THE KEY FINGERPRINT OF THE KEY, IF UNVERIFIED, MATCHES THE KEY ID
            [validity] => 0
            [timestamp] => 0
            [status] => NNNNNN
            [summary] => 4
        )

)

<?php
$keyinfo
= gnupg_keyinfo($gpgresource,$key);
echo
"<pre>\$keyinfo ",print_r($keyinfo),"</pre>";
//Above will out put something like
?>
$keyinfo Array
(
    [0] => Array
        (
            [disabled] =>
            [expired] =>
            [revoked] =>
            [is_secret] =>
            [can_sign] => 1
            [can_encrypt] => 1
            [uids] => Array
                (
                    [0] => Array
                        (
                            [name] => WHATEVER
                            [comment] =>
                            [email] =>
                            [uid] => WHATEVER
                            [revoked] =>
                            [invalid] =>
                        )

                )

            [subkeys] => Array
                (
                    [0] => Array
                        (
                            [fingerprint] => xxxxxxxxxxxxxxxxxx 
                            [keyid] => xxxxxxxxx
                            [timestamp] => xxxxxxxxx
                            [expires] => 0
                            [is_secret] =>
                            [invalid] =>
                            [can_encrypt] => 1
                            [can_sign] => 1
                            [disabled] =>
                            [expired] =>
                            [revoked] =>
                        )

                )

        )

<?php
//To test if a message/signature pair is verified
if($resultOfVerify[0]['fingerprint'] == $keyinfo[0]['subkeys'][0]['fingerprint']){
  
//Ok, verified
}else{
 
//Oops, NOT verified
}

?>
kae at verens dot com
19.09.2008 13:27
You can see who made the signature by checking its fingerprint:

<?php
$res
= gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if(
$info !== false){
 
$fingerprint = $info['fingerprint'];
 
var_dump(gnupg_keyinfo($res, $fingerprint));
}



PHP Powered Diese Seite bei php.net
The PHP manual text and comments are covered by the Creative Commons Attribution 3.0 License © the PHP Documentation Group - Impressum - mail("TO:Reinhard Neidl",...)