protected function Verifier::verifyTrustedChecksumList in Automatic Updates 8
Same name and namespace in other branches
- 7 vendor/drupal/php-signify/src/Verifier.php \Drupal\Signify\Verifier::verifyTrustedChecksumList()
2 calls to Verifier::verifyTrustedChecksumList()
- Verifier::verifyChecksumList in vendor/
drupal/ php-signify/ src/ Verifier.php - Verify a signed checksum list, and then verify the checksum for each file in the list.
- Verifier::verifyCsigChecksumList in vendor/
drupal/ php-signify/ src/ Verifier.php - Verify a signed checksum list, and then verify the checksum for each file in the list.
File
- vendor/
drupal/ php-signify/ src/ Verifier.php, line 172
Class
Namespace
Drupal\SignifyCode
protected function verifyTrustedChecksumList($checksum_list_raw, $working_directory) {
$checksum_list = new ChecksumList($checksum_list_raw, true);
$failed_checksum_list = new FailedCheckumFilter($checksum_list, $working_directory);
foreach ($failed_checksum_list as $file_checksum) {
// Don't just rely on a list of failed checksums, throw a more
// specific exception.
$actual_hash = @hash_file(strtolower($file_checksum->algorithm), $working_directory . DIRECTORY_SEPARATOR . $file_checksum->filename);
// If file doesn't exist or isn't readable, hash_file returns false.
if ($actual_hash === false) {
throw new VerifierException("File \"{$file_checksum->filename}\" in the checksum list could not be read.");
}
// Any hash less than 64 is not secure.
if (empty($actual_hash) || strlen($actual_hash) < 64) {
throw new VerifierException("Failure computing hash for file \"{$file_checksum->filename}\" in the checksum list.");
}
// This method is used because hash_equals was added in PHP 5.6.
// And we don't need timing safe comparisons.
if ($actual_hash !== $file_checksum->hex_hash) {
throw new VerifierException("File \"{$file_checksum->filename}\" does not pass checksum verification.");
}
}
return $checksum_list
->count();
}