PHP Conference Nagoya 2025

gnupg_verify

(PECL gnupg >= 0.1)

gnupg_verifyVerifies a signed text

Description

gnupg_verify(
    resource $identifier,
    string $signed_text,
    string $signature,
    string &$plaintext = ?
): array|false

Verifies the given signed_text and returns information about the signature.

Parameters

identifier

The gnupg identifier, from a call to gnupg_init() or gnupg.

signed_text

The signed text.

signature

The signature. To verify a clearsigned text, set signature to false.

plaintext

The plain text. If this optional parameter is passed, it is filled with the plain text.

Return Values

On success, this function returns information about the signature. On failure, this function returns false.

Examples

Example #1 Procedural gnupg_verify() example

<?php
$plaintext
= "";
$res = gnupg_init();
// clearsigned
$info = gnupg_verify($res,$signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = gnupg_verify($res,$signed_text,$signature);
print_r($info);
?>

Example #2 OO gnupg_verify() example

<?php
$plaintext
= "";
$gpg = new gnupg();
// clearsigned
$info = $gpg->verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = $gpg->verify($signed_text,$signature);
print_r($info);
?>

add a note

User Contributed Notes 2 notes

up
2
kae at verens dot com
16 years ago
You can see who made the signature by checking its fingerprint:

<?php
$res
= gnupg_init();
$info = gnupg_verify($res,$signed_text,$signature);
if(
$info !== false){
$fingerprint = $info['fingerprint'];
var_dump(gnupg_keyinfo($res, $fingerprint));
}
up
2
izumeroot at gmail dot com
2 years ago
Where can I see description of result array?

I've got

Array
(
[0] => Array
(
[fingerprint] => 9BF78012F700B345827346E1EFA3026F01404358
[validity] => 4
[timestamp] => 1643100153
[status] => 0
[summary] => 3
)

)

But what does "status" mean? What is "validity"? What is "summary"?
To Top