<?php
namespace NoccyLabs\Hotfix\Hotfix;
use Symfony\Component\Yaml\Yaml;
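/**
 * Result of checking a hotfix body against its GnuPG signature.
 *
 * The check runs once in the constructor. A signature counts as valid only
 * when gnupg reports it as good AND the signing key is present in the keyring
 * gnupg_init() opens, so that keyring is the trust anchor: every key in it is
 * accepted as a hotfix signer.
 */
class Signature
{
    /** @var bool Whether the signature is valid */
    protected $valid = false;

    /** @var string|null The name of the key used to sign */
    protected $signer;

    /** @var string|null The ID of the key used to sign */
    protected $keyId;

    /** @var string|null Reason the signature was rejected, null when it was accepted */
    protected $error;

    /** @var string The data the signature is expected to cover */
    protected $body;

    /** @var string|null The signature data, falsy when the hotfix is unsigned */
    protected $signature;

    /**
     * Constructor
     *
     * @param string $body The signed data
     * @param string|null $signature The signature for $body (falsy when unsigned)
     */
    public function __construct($body, $signature)
    {
        $this->body = $body;
        $this->signature = $signature;
        $this->verify();
    }

    /**
     * Verify the signature and record the outcome on this object.
     *
     * On success isValid() is true and getSigner()/getKeyId() describe the
     * key; on any failure isValid() is false and getError() gives the reason.
     * Only the first signature reported by gnupg_verify() is considered.
     *
     * @return void
     */
    public function verify()
    {
        // Fail closed: start from "not valid" so a repeated call can never
        // leave an earlier positive result in place.
        $this->valid = false;
        $this->signer = null;
        $this->keyId = null;
        $this->error = null;

        if (!$this->signature) {
            $this->error = "Hotfix is not signed!";
            return;
        }

        $gpg = gnupg_init();
        $sigInfo = gnupg_verify($gpg, $this->body, $this->signature);

        if ($sigInfo === false || empty($sigInfo[0]) || !is_array($sigInfo[0])) {
            $this->error = "Invalid signature";
            return;
        }

        $first = $sigInfo[0];
        $fingerprint = isset($first['fingerprint']) ? (string) $first['fingerprint'] : '';
        if ($fingerprint === '') {
            $this->error = "Invalid signature";
            return;
        }

        $keyInfo = gnupg_keyinfo($gpg, $fingerprint);
        if (empty($keyInfo)) {
            $this->error = "Unknown signer (key id {$fingerprint})";
            return;
        }

        // gnupg_verify() returns an entry for a signature that FAILED
        // verification too; a non-false return only means the signature
        // could be parsed. The per-signature status is the verdict:
        // 0 means good, anything else (bad signature, expired or revoked
        // key, ...) must be rejected. A missing status is treated as failure.
        if (!isset($first['status']) || (int) $first['status'] !== 0) {
            $this->error = "Invalid signature";
            return;
        }

        $subKeys = (isset($keyInfo[0]['subkeys']) && is_array($keyInfo[0]['subkeys']))
            ? $keyInfo[0]['subkeys']
            : [];
        $keyId = null;
        foreach ($subKeys as $subKey) {
            // Strict comparison: loose == can treat two different all-numeric
            // looking strings (e.g. "0e12..." forms) as equal.
            if (isset($subKey['fingerprint']) && (string) $subKey['fingerprint'] === $fingerprint) {
                $keyId = isset($subKey['keyid']) ? $subKey['keyid'] : null;
                break;
            }
        }

        // A key without user IDs yields an empty name/email instead of a notice.
        $uid = isset($keyInfo[0]['uids'][0]) ? $keyInfo[0]['uids'][0] : [];
        $signerInfo = sprintf(
            "%s (%s)",
            isset($uid['name']) ? $uid['name'] : '',
            isset($uid['email']) ? $uid['email'] : ''
        );

        $this->valid = true;
        $this->signer = $signerInfo;
        $this->keyId = $keyId;
    }

    /**
     * @return bool True only when verify() accepted the signature
     */
    public function isValid()
    {
        return ($this->valid === true);
    }

    /**
     * @return string|null "Name (email)" of the signing key, null unless valid
     */
    public function getSigner()
    {
        return $this->signer;
    }

    /**
     * @return string|null Key ID of the signing (sub)key, null unless valid or when no subkey matched
     */
    public function getKeyId()
    {
        return $this->keyId;
    }

    /**
     * @return string|null Reason the signature was rejected, null when it was accepted
     */
    public function getError()
    {
        return $this->error;
    }
}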