Simple library to verify a file with gpg signature. Look at the documentation for more information.
Except PHP and composer you need an accessible GPG binary in your $PATH variable.
composer require tm/gpg-verifier ^1.0
use TM\GPG\Verification\Verifier;
$verifier = new Verifier;
$verifier->verify('my-file.sig', 'my-file');
use TM\GPG\Verification\Verifier;
use TM\GPG\Verification\Exception\FailedVerificationException;
use TM\GPG\Verification\Exception\ExecutableException;
use TM\GPG\Verification\Exception\NotExistException;
$verifier = new Verifier('/path/to/gpg');
try {
$verifier->verify('my-file.sig', 'my-file');
} catch(FailedVerificationException $exception) {
// verification failed
} catch(NotExistException $exception) {
// missing signature- or source-file
} catch(ExecutableException $exception) {
// something with the executable is wrong
}
See here the full changelog.
Please refer to CONTRIBUTING.md for information on how to contribute.