public function isValid($message, $signature)
{
$publicKey = trim(file_get_contents($this->publicKey));
if (false === ($pubkeyid = openssl_pkey_get_public($publicKey))) {
while ($errors[] = openssl_error_string()) {
}
throw new \RuntimeException(sprintf("Error during public key read: \n%s", implode("\n", $errors)));
}
$signature = base64_decode($signature);
// state whether signature is okay or not
$ok = openssl_verify($message, $signature, $pubkeyid);
// free the key from memory
openssl_free_key($pubkeyid);
if ($ok == 1) {
return true;
} elseif ($ok == 0) {
return false;
} else {
while ($errors[] = openssl_error_string()) {
}
throw new \RuntimeException(sprintf("Error during private key read: \n%s", implode("\n", $errors)));
}
} /**
* Loads a list of the latest releases from the update API
* Returns them indexed by the Shopware version (e.g: 5.1.0)
*
* @return array
*/
private function getIndexedReleasesList()
{
$client = new Client();
$response = $client->get(self::DOWNLOAD_UPDATE_API);
$signature = $response->getHeader('X-Shopware-Signature');
if ($this->openSSLVerifier->isSystemSupported()) {
if (!$this->openSSLVerifier->isValid($response->getBody(), $signature)) {
throw new \RuntimeException('API signature verification failed');
}
}
$releases = $response->json();
if (empty($releases)) {
throw new \RuntimeException("Could not get releases list package");
}
$indexedReleases = [];
foreach ($releases as $release) {
$indexedReleases[$release['version']] = $release;
}
return $indexedReleases;
}
