Signing#
Added in version 5.2.
Note
BEP-35 Torrent Signing
sign()#
<?php
$cert = openssl_x509_read('cert.pem');
$key = openssl_pkey_get_private('pkey.pem');
$torrent->sign(
// private key
key: $pkey,
// certificate
certificate: $cert,
// include certificate into the file
// if you are using update-url, set false here
// because you already have the originator field with the same cert
includeCertificate: true,
// additional signed info
// the spec does not define any fields here so its use is not recommended
info = [],
);
Note
A torrent file may have multiple signatures with different common names (cert CN fields)
verifySignature()#
Verify the signature with a certificate:
<?php
$cert = openssl_x509_read('cert.pem'); // some known cert
// or
// for example if the torrent has originator field,
// you can get the cert there
$cert = $torrent->getOriginator();
// Result is an instance of Arokettu\Torrent\DataTypes\SignatureValidatorResult
$result = $torrent->verifySignature($cert);
Possible results:
SignatureValidatorResult::Valid: the signature is validSignatureValidatorResult::Invalid: the signature is not validSignatureValidatorResult::NotPresent: the torrent is not signed with a certificate with the given common name
Note
The method does not check validity of the certificate itself
isSigned()#
Check if a torrent file has signatures.
getSignatures()#
Get list of available signatures.
removeSignatures()#
Remove signatures. This is required to modify info fields.