mirror of
https://github.com/phpbb/phpbb.git
synced 2025-01-17 06:08:19 +01:00
57 lines
1.2 KiB
PHP
57 lines
1.2 KiB
PHP
#!/usr/bin/env php
|
|
<?php
|
|
/**
|
|
*
|
|
* This file is part of the phpBB Forum Software package.
|
|
*
|
|
* @copyright (c) phpBB Limited <https://www.phpbb.com>
|
|
* @license GNU General Public License, version 2 (GPL-2.0)
|
|
*
|
|
* For full copyright and license information, please see
|
|
* the docs/CREDITS.txt file.
|
|
*
|
|
*/
|
|
|
|
if ($_SERVER['argc'] != 4)
|
|
{
|
|
echo "Please specify the public key, filename for which the signature should be check, and the signature file, e.g. verify_signature.php superPublicKey path/to/file path/to/signature\n";
|
|
exit(1);
|
|
}
|
|
|
|
$public_key = base64_decode($_SERVER['argv'][1]);
|
|
$file_path = $_SERVER['argv'][2];
|
|
$signature_path = $_SERVER['argv'][3];
|
|
|
|
if (!extension_loaded('sodium'))
|
|
{
|
|
die('Required sodium extension not loaded');
|
|
}
|
|
|
|
if (!file_exists($file_path))
|
|
{
|
|
die('File does not exist');
|
|
}
|
|
|
|
if (!file_exists($signature_path))
|
|
{
|
|
die('Signature file does not exist');
|
|
}
|
|
|
|
$hash = hash_file('sha384', $file_path, true);
|
|
$signature = base64_decode(file_get_contents($signature_path));
|
|
|
|
try
|
|
{
|
|
if (sodium_crypto_sign_verify_detached($signature, $hash, $public_key))
|
|
{
|
|
echo 'Signature is valid!';
|
|
}
|
|
else
|
|
{
|
|
echo 'Signature is not valid!';
|
|
}
|
|
} catch (SodiumException $e)
|
|
{
|
|
die('Unable to verify the signature: ' . $e->getMessage() . "\n");
|
|
}
|