downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | conferences | my php.net

search for in the

haru> <gnupg_sign
[edit] Last updated: Fri, 26 Apr 2013

view this page in

gnupg_verify

(PECL gnupg >= 0.1)

gnupg_verifyVerifies a signed text

Description

array gnupg_verify ( resource $identifier , string $signed_text , string $signature [, string &$plaintext ] )

Verifies the given signed_text and returns information about the signature.

Parameters

identifier

The gnupg identifier, from a call to gnupg_init() or gnupg.

signed_text

The signed text.

signature

The signature. To verify a clearsigned text, set signature to FALSE.

plaintext

The plain text. If this optional parameter is passed, it is filled with the plain text.

Return Values

On success, this function returns information about the signature. On failure, this function returns FALSE.

Examples

Example #1 Procedural gnupg_verify() example

<?php
$plaintext "";
$res gnupg_init();
// clearsigned
$info gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

Example #2 OO gnupg_verify() example

<?php
$plaintext "";
$gpg = new gnupg();
// clearsigned
$info $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info $gpg -> verify($signed_text,$signature);
print_r($info);
?>



add a note add a note User Contributed Notes gnupg_verify - [2 notes]
up
0
kae at verens dot com
4 years ago
You can see who made the signature by checking its fingerprint:

<?php
$res = gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if($info !== false){
  $fingerprint = $info['fingerprint'];
  var_dump(gnupg_keyinfo($res, $fingerprint));
}
up
-1
dd at hibm dot org
4 years ago
If verification fails, the gnupg_verify() returns the key's id instead of fingerprint .  It does not return FALSE as stated above (PHP4, have not tested PHP5).  You can compare it with result of keyinfo:

<?php
$resultOfVerify = gnupg_verify($gpgresource, $message,FALSE,$key);
echo "<pre>\$resultOfVerify",print_r($resultOfVerify),"</pre>";
//Above will out put something like
?>
$resultOfVerify Array
(
    [0] => Array
        (
            [fingerprint] => xxxxxxxxx (IF MESSAGE IS VERIFIED, THEN THIS MATCHES THE KEY FINGERPRINT OF THE KEY, IF UNVERIFIED, MATCHES THE KEY ID
            [validity] => 0
            [timestamp] => 0
            [status] => NNNNNN
            [summary] => 4
        )

)

<?php
$keyinfo = gnupg_keyinfo($gpgresource,$key);
echo "<pre>\$keyinfo ",print_r($keyinfo),"</pre>";
//Above will out put something like
?>
$keyinfo Array
(
    [0] => Array
        (
            [disabled] =>
            [expired] =>
            [revoked] =>
            [is_secret] =>
            [can_sign] => 1
            [can_encrypt] => 1
            [uids] => Array
                (
                    [0] => Array
                        (
                            [name] => WHATEVER
                            [comment] =>
                            [email] =>
                            [uid] => WHATEVER
                            [revoked] =>
                            [invalid] =>
                        )

                )

            [subkeys] => Array
                (
                    [0] => Array
                        (
                            [fingerprint] => xxxxxxxxxxxxxxxxxx 
                            [keyid] => xxxxxxxxx
                            [timestamp] => xxxxxxxxx
                            [expires] => 0
                            [is_secret] =>
                            [invalid] =>
                            [can_encrypt] => 1
                            [can_sign] => 1
                            [disabled] =>
                            [expired] =>
                            [revoked] =>
                        )

                )

        )

<?php
//To test if a message/signature pair is verified
if($resultOfVerify[0]['fingerprint'] == $keyinfo[0]['subkeys'][0]['fingerprint']){
   //Ok, verified
}else{
  //Oops, NOT verified
}

?>
add a note add a note

 
show source | credits | stats | sitemap | contact | advertising | mirror sites