Verify a digital signature for a file.
| public static verify ( string | resource $filename, SignaturePublicKey $publicKey, string $signature, boolean $raw_binary = false ) : boolean | ||
| $filename | string | resource | File name or file handle |
| $publicKey | SignaturePublicKey | Other party's signature public key |
| $signature | string | The signature we received |
| $raw_binary | boolean | TRUE if the signature is raw binary |
| return | boolean | |
public function testSign()
{
$keypair = KeyFactory::generateSignatureKeyPair();
$secretkey = $keypair->getSecretKey();
$publickey = $keypair->getPublicKey();
$signature = File::sign(__DIR__ . '/tmp/paragon_avatar.png', $secretkey);
$this->assertTrue(!empty($signature));
$this->assertTrue(File::verify(__DIR__ . '/tmp/paragon_avatar.png', $publickey, $signature));
}
/**
* Check that the signature is valid for this supplier's
* public keys.
*
* @param bool $fastExit
* @return bool
*/
public function signatureIsValid(bool $fastExit = false) : bool
{
$result = false;
foreach ($this->supplier->getSigningKeys() as $key) {
$result = $result || File::verify($this->path, $key['key'], $this->releaseInfo['signature']);
if ($result && $fastExit) {
return true;
}
}
return $result;
}
