collect checksum failures in a list

Author: heddn

src/Verifier.php

@@ -26,6 +26,13 @@ class Verifier
      */
     protected $now;
 
+    /**
+     * List of verification failures.
+     *
+     * @var array
+     */
+    protected $failures = [];
+
     /**
      * Verifier constructor.
      *
@@ -168,8 +175,17 @@ public function verifyMessage($signed_message) {
      */
     public function verifyChecksumList($signed_checksum_list, $working_directory)
     {
-        $checksum_list_raw = $this->verifyMessage($signed_checksum_list);
-        return $this->verifyTrustedChecksumList($checksum_list_raw, $working_directory);
+        try {
+            $checksum_list_raw = $this->verifyMessage($signed_checksum_list);
+        }
+        catch (VerifierException $exception) {
+            $this->failures[] = $exception->getMessage();
+        }
+        $count = $this->verifyTrustedChecksumList($checksum_list_raw, $working_directory);
+        if ($this->failures) {
+            throw new VerifierException('Checksum list could not be verified.', $this->failures);
+        }
+        return $count;
     }
 
     protected function verifyTrustedChecksumList($checksum_list_raw, $working_directory) {
@@ -183,15 +199,18 @@ protected function verifyTrustedChecksumList($checksum_list_raw, $working_direct
         {
             $actual_hash = @hash_file(strtolower($file_checksum->algorithm), $working_directory . DIRECTORY_SEPARATOR . $file_checksum->filename);
             if ($actual_hash === false) {
-                throw new VerifierException("File \"$file_checksum->filename\" in the checksum list could not be read.");
+                $this->failures[] = sprintf('File "%s" in the checksum list could not be read.', $file_checksum->filename);
+                continue;
             }
             if (empty($actual_hash) || strlen($actual_hash) < 64) {
-                throw new VerifierException("Failure computing hash for file \"$file_checksum->filename\" in the checksum list.");
+                $this->failures[] = sprintf('Failure computing hash for file "%s" in the checksum list.', $file_checksum->filename);
+                continue;
             }
 
             if (strcmp($actual_hash, $file_checksum->hex_hash) !== 0)
             {
-                throw new VerifierException("File \"$file_checksum->filename\" does not pass checksum verification.");
+                $this->failures[] = sprintf('File "%s" does not pass checksum verification.', $file_checksum->filename);
+                continue;
             }
 
             $verified_count++;
@@ -237,12 +256,14 @@ protected function parseChecksumList($checksum_list_raw, $list_is_trusted)
             }
 
             if (substr($line, 0, 1) === '\\') {
-                throw new VerifierException('Filenames with problematic characters are not yet supported.');
+                $this->failures[] = sprintf('Filenames "%s" with problematic characters are not yet supported.', $line);
+                continue;
             }
 
             $algo = substr($line, 0, strpos($line, ' '));
             if (empty($this->HASH_ALGO_BASE64_LENGTHS[$algo])) {
-                throw new VerifierException("Algorithm \"$algo\" is unsupported for checksum verification.");
+                $this->failures[] = sprintf('Algorithm "%s" is unsupported for checksum verification.', $algo);
+                continue;
             }
 
             $filename_start = strpos($line, '(') + 1;

src/VerifierException.php

@@ -2,4 +2,19 @@
 
 namespace DrupalAssociation\Signify;
 
-class VerifierException extends \RuntimeException { }
+class VerifierException extends \RuntimeException {
+
+    protected $failures;
+
+    public function __construct($message = '', array $failures = [], $code = 0, Throwable $previous = NULL)
+    {
+        parent::__construct($message, $code, $previous);
+        $this->failures = $verificationFailures;
+    }
+
+    public function getVerificationFailures()
+    {
+        return $this->failures;
+    }
+
+}