예제 #1
0
	/**
	 * Verify the signature on a given file
	 *
	 * If only one argument is provided, it is expected that file contains both the file and signature as an attached sig.
	 *
	 * If two arguments are provided, the detached signature is the first argument and the content to verify is the second.
	 *
	 * @throws \Exception
	 *
	 * @param string|\Core\Filestore\File $file       Filename or File object of the file to verify
	 * @param string|\Core\Filestore\File $verifyFile Filename or File object of any detached signature
	 *
	 * @return Signature
	 */
	public function verifyFileSignature($file, $verifyFile = null){
		if($file instanceof \Core\Filestore\File){
			$filename = $file->getFilename();
		}
		else{
			$filename = $file;
		}

		if(!file_exists($filename)){
			throw new \Exception('Requested file does not exist, unable to verify signature!');
		}

		if($verifyFile === null){
			// Standard attached sig
			$result = $this->_exec('--with-fingerprint --batch --no-tty --verify ' . escapeshellarg($filename));
		}
		else{
			// Detached signature
			if($verifyFile instanceof \Core\Filestore\File){
				$sourceFilename = $verifyFile->getFilename();
			}
			else{
				$sourceFilename = $verifyFile;
			}

			$result = $this->_exec('--with-fingerprint --batch --no-tty --verify ' . escapeshellarg($filename) . ' ' . escapeshellarg($sourceFilename));
		}


		// If the result failed, then nothing else to do here.
		if($result['return'] !== 0){
			throw new \Exception($result['error']);
		}

		// Else, the calling script may want to know the results of the verification, eg: the key and date.
		// The metadata here is send to STDERR.  _Shrugs_
		$sig = new Signature();
		$sig->_parseOutputText($result['error']);
		return $sig;
	}