openssl_pkcs7_verify
(PHP 4 >= 4.0.6, PHP 5)
openssl_pkcs7_verify — Verifies the signature of an S/MIME signed message
Description
$filename
, int $flags
[, string $outfilename
[, array $cainfo
[, string $extracerts
[, string $content
]]]] )openssl_pkcs7_verify() reads the S/MIME message contained in the given file and examines the digital signature.
Parameters
-
filename
-
Path to the message.
-
flags
-
flags
can be used to affect how the signature is verified - see PKCS7 constants for more information. -
outfilename
-
If the
outfilename
is specified, it should be a string holding the name of a file into which the certificates of the persons that signed the messages will be stored in PEM format. -
cainfo
-
If the
cainfo
is specified, it should hold information about the trusted CA certificates to use in the verification process - see certificate verification for more information about this parameter. -
extracerts
-
If the
extracerts
is specified, it is the filename of a file containing a bunch of certificates to use as untrusted CAs. -
content
-
You can specify a filename with
content
that will be filled with the verified data, but with the signature information stripped.
Return Values
Returns TRUE
if the signature is verified, FALSE
if it is not correct
(the message has been tampered with, or the signing certificate is invalid),
or -1 on error.
Changelog
Version | Description |
---|---|
5.1.0 |
The content parameter was added.
|
Notes
Note: As specified in RFC 2045, lines may not be longer than 76 characters in the
filename
parameter.
- PHP Руководство
- Функции по категориям
- Индекс функций
- Справочник функций
- Криптографические расширения
- OpenSSL
- openssl_cipher_iv_length
- openssl_csr_export_to_file
- openssl_csr_export
- openssl_csr_get_public_key
- openssl_csr_get_subject
- openssl_csr_new
- openssl_csr_sign
- openssl_decrypt
- openssl_dh_compute_key
- openssl_digest
- openssl_encrypt
- openssl_error_string
- openssl_free_key
- openssl_get_cert_locations
- openssl_get_cipher_methods
- openssl_get_md_methods
- openssl_get_privatekey
- openssl_get_publickey
- openssl_open
- openssl_pbkdf2
- openssl_pkcs12_export_to_file
- openssl_pkcs12_export
- openssl_pkcs12_read
- openssl_pkcs7_decrypt
- openssl_pkcs7_encrypt
- openssl_pkcs7_sign
- openssl_pkcs7_verify
- openssl_pkey_export_to_file
- openssl_pkey_export
- openssl_pkey_free
- openssl_pkey_get_details
- openssl_pkey_get_private
- openssl_pkey_get_public
- openssl_pkey_new
- openssl_private_decrypt
- openssl_private_encrypt
- openssl_public_decrypt
- openssl_public_encrypt
- openssl_random_pseudo_bytes
- openssl_seal
- openssl_sign
- openssl_spki_export_challenge
- openssl_spki_export
- openssl_spki_new
- openssl_spki_verify
- openssl_verify
- openssl_x509_check_private_key
- openssl_x509_checkpurpose
- openssl_x509_export_to_file
- openssl_x509_export
- openssl_x509_fingerprint
- openssl_x509_free
- openssl_x509_parse
- openssl_x509_read
Коментарии
To verify a .p7m file with openssl_pkcs7_verify() you must convert it to S/MIME format. For example...
<?php
function der2smime($file)
{
$to=<<<TXT
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Content-Transfer-Encoding: base64
\n
TXT;
$from=file_get_contents($file);
$to.=chunk_split(base64_encode($from));
return file_put_contents($file,$to);
}
?>