gnupg_verify

(PECL gnupg >= 0.1)

gnupg_verify — Verifies a signed text

说明

gnupg_verify(
    resource $identifier,
    string $signed_text,
    string $signature,
    string &$plaintext = ?
): array

Verifies the given signed_text and returns information about the signature.

参数

identifier: gnupg 标识符，由对 gnupg_init() 或 gnupg 的调用生成。
signed_text: The signed text.
signature: The signature. To verify a clearsigned text, set signature to false.
plaintext: The plain text. If this optional parameter is passed, it is filled with the plain text.

返回值

On success, this function returns information about the signature. On failure, this function returns false.

范例

示例 #1 Procedural gnupg_verify() example


<?php
$plaintext = "";
$res = gnupg_init();
// clearsigned
$info = gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

示例 #2 OO gnupg_verify() example


<?php
$plaintext = "";
$gpg = new gnupg();
// clearsigned
$info = $gpg->verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = $gpg->verify($signed_text,$signature);
print_r($info);
?>

add a note

User Contributed Notes 2 notes

down

kae at verens dot com ¶

13 years ago


You can see who made the signature by checking its fingerprint:

<?php
$res = gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if($info !== false){
  $fingerprint = $info['fingerprint'];
  var_dump(gnupg_keyinfo($res, $fingerprint));
}

down

izumeroot at gmail dot com ¶

4 months ago


Where can I see description of result array?

I've got 

Array
(
    [0] => Array
        (
            [fingerprint] => 9BF78012F700B345827346E1EFA3026F01404358
            [validity] => 4
            [timestamp] => 1643100153
            [status] => 0
            [summary] => 3
        )

)

But what does "status" mean? What is "validity"? What is "summary"?

add a note