Airship\Engine\Continuum\AutoUpdater::verifyUpdateSignature PHP Method

AutoUpdater Class Documentation Mostrar archivo Open project: paragonie/airship

verifyUpdateSignature() public method

Dear future security auditors: This is important.

public verifyUpdateSignature ( UpdateInfo $info, UpdateFile $file ) : boolean
$info	UpdateInfo
$file	UpdateFile
return	boolean

    public function verifyUpdateSignature(UpdateInfo $info, UpdateFile $file) : bool
    {
        $debugArgs = ['path' => $file->getPath(), 'supplier' => $info->getSupplierName(), 'name' => $info->getPackageName()];
        $this->log('Checking update signature...', LogLevel::DEBUG, $debugArgs);
        $ret = false;
        foreach ($this->supplier->getSigningKeys() as $key) {
            if ($key['type'] !== 'signing') {
                continue;
            }
            $ret = $ret || File::verify($file->getPath(), $key['key'], $info->getSignature(true));
        }
        $this->log('Signature result: ' . ($ret ? 'true' : 'false'), LogLevel::DEBUG, $debugArgs);
        return $ret;
    }

AutoUpdater

autoRunScript

bringSiteBackUp

bringSiteDown

bypassSecurityAndJustInstall

checkKeyggdrasil

checkVersionSettings

downloadUpdateFile

getChannel

getLogContext

install

manualUpdate

sortUpdatesByVersion

updateCheck

updateDBRecord

useLocalUpdateFile

verifyUpdateSignature