downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | links | conferences | my php.net

search for in the

haru> <gnupg_sign
Last updated: Fri, 06 Nov 2009

view this page in

gnupg_verify

(PECL gnupg >= 0.1)

gnupg_verifyVerifies a signed text

Description

array gnupg_verify ( resource $identifier , string $signed_text , string $signature [, string &$plaintext ] )

Verifies the given signed_text and returns information about the signature.

Parameters

identifier

The gnupg identifier, from a call to gnupg_init() or gnupg.

signed_text

The signed text.

signature

The signature. To verify a clearsigned text, set signature to FALSE.

plaintext

The plain text. If this optional parameter is passed, it is filled with the plain text.

Return Values

On success, this function returns information about the signature. On failure, this function returns FALSE.

Examples

Example #1 Procedural gnupg_verify() example

<?php
$plaintext "";
$res gnupg_init();
// clearsigned
$info gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

Example #2 OO gnupg_verify() example

<?php
$plaintext "";
$gpg = new gnupg();
// clearsigned
$info $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info $gpg -> verify($signed_text,$signature);
print_r($info);
?>



add a note add a note User Contributed Notes
gnupg_verify
dd at hibm dot org
26-Feb-2009 01:48
If verification fails, the gnupg_verify() returns the key's id instead of fingerprint .  It does not return FALSE as stated above (PHP4, have not tested PHP5).  You can compare it with result of keyinfo:

<?php
$resultOfVerify = gnupg_verify($gpgresource, $message,FALSE,$key);
echo "<pre>\$resultOfVerify",print_r($resultOfVerify),"</pre>";
//Above will out put something like
?>
$resultOfVerify Array
(
    [0] => Array
        (
            [fingerprint] => xxxxxxxxx (IF MESSAGE IS VERIFIED, THEN THIS MATCHES THE KEY FINGERPRINT OF THE KEY, IF UNVERIFIED, MATCHES THE KEY ID
            [validity] => 0
            [timestamp] => 0
            [status] => NNNNNN
            [summary] => 4
        )

)

<?php
$keyinfo = gnupg_keyinfo($gpgresource,$key);
echo "<pre>\$keyinfo ",print_r($keyinfo),"</pre>";
//Above will out put something like
?>
$keyinfo Array
(
    [0] => Array
        (
            [disabled] =>
            [expired] =>
            [revoked] =>
            [is_secret] =>
            [can_sign] => 1
            [can_encrypt] => 1
            [uids] => Array
                (
                    [0] => Array
                        (
                            [name] => WHATEVER
                            [comment] =>
                            [email] =>
                            [uid] => WHATEVER
                            [revoked] =>
                            [invalid] =>
                        )

                )

            [subkeys] => Array
                (
                    [0] => Array
                        (
                            [fingerprint] => xxxxxxxxxxxxxxxxxx 
                            [keyid] => xxxxxxxxx
                            [timestamp] => xxxxxxxxx
                            [expires] => 0
                            [is_secret] =>
                            [invalid] =>
                            [can_encrypt] => 1
                            [can_sign] => 1
                            [disabled] =>
                            [expired] =>
                            [revoked] =>
                        )

                )

        )

<?php
//To test if a message/signature pair is verified
if($resultOfVerify[0]['fingerprint'] == $keyinfo[0]['subkeys'][0]['fingerprint']){
   //Ok, verified
}else{
  //Oops, NOT verified
}

?>
kae at verens dot com
19-Sep-2008 11:27
You can see who made the signature by checking its fingerprint:

<?php
$res = gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if($info !== false){
  $fingerprint = $info['fingerprint'];
  var_dump(gnupg_keyinfo($res, $fingerprint));
}
add a note add a note

haru> <gnupg_sign
Last updated: Fri, 06 Nov 2009
 
 
show source | credits | sitemap | contact | advertising | mirror sites