(PECL gnupg >= 0.1)
gnupg_verify — Verifies a signed text
$identifier
, string $signed_text
, string $signature
[, string &$plaintext
] ) : array
Verifies the given signed_text and returns information about the
signature.
identifiergnupg 标识符,由对 gnupg_init() 或 gnupg 的调用生成。
signed_textThe signed text.
signature
The signature.
To verify a clearsigned text, set signature to FALSE.
plaintextThe plain text. If this optional parameter is passed, it is filled with the plain text.
On success, this function returns information about the signature.
On failure, this function returns FALSE.
Example #1 Procedural gnupg_verify() example
<?php
$plaintext = "";
$res = gnupg_init();
// clearsigned
$info = gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>
Example #2 OO gnupg_verify() example
<?php
$plaintext = "";
$gpg = new gnupg();
// clearsigned
$info = $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = $gpg -> verify($signed_text,$signature);
print_r($info);
?>
You can see who made the signature by checking its fingerprint:
<?php
$res = gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if($info !== false){
$fingerprint = $info['fingerprint'];
var_dump(gnupg_keyinfo($res, $fingerprint));
}