openssl_pkcs7_verify
string$input_filename,
int$flags,
[string|null$signers_certificates_filename = null],
[array$ca_info = []],
[string|null$untrusted_certificates_filename = null],
[string|null$content = null],
[string|null$output_filename = null]
): bool|int
openssl_pkcs7_verify reads the S/MIME message contained in the given file and examines the digital signature.
Parameters
- input_filename
-
Path to the message.
- flags
-
flags can be used to affect how the signature is verified - see PKCS7 constants for more information.
- signers_certificates_filename
-
If the signers_certificates_filename is specified, it should be a string holding the name of a file into which the certificates of the persons that signed the messages will be stored in PEM format.
- ca_info
-
If the ca_info is specified, it should hold information about the trusted CA certificates to use in the verification process - see certificate verification for more information about this parameter.
- untrusted_certificates_filename
-
If the untrusted_certificates_filename is specified, it is the filename of a file containing a bunch of certificates to use as untrusted CAs.
- content
-
You can specify a filename with content that will be filled with the verified data, but with the signature information stripped.
- output_filename
-
Return Values
Returns true if the signature is verified, false if it is not correct (the message has been tampered with, or the signing certificate is invalid), or -1 on error.
Notes
Note:
As specified in RFC 2045, lines may not be longer than 76 characters in the input_filename parameter.
Changelog
| Version | Description |
| 8.0.0 | signers_certificates_filename, untrusted_certificates_filename, content and output_filename are nullable now. |
| 7.2.0 | The output_filename parameter was added. |