This package is abandoned and no longer maintained. No replacement package was suggested.

Simple library to verify a file with gpg signature.

1.1.0 2016-08-09 12:02 UTC

This package is auto-updated.

Last update: 2021-06-08 15:20:51 UTC


Latest Stable Version Total Downloads Build Status Code Climate Test Coverage Minimum PHP Version GitHub license GitHub issues

No Maintenance Intended

Simple library to verify a file with gpg signature. Look at the documentation for more information.


Except PHP and composer you need an accessible GPG binary in your $PATH variable.


composer require tm/gpg-verifier ^1.0

Basic usage

use TM\GPG\Verification\Verifier;

$verifier = new Verifier;
$verifier->verify('my-file.sig', 'my-file');

Advanced usage

use TM\GPG\Verification\Verifier;
use TM\GPG\Verification\Exception\FailedVerificationException;
use TM\GPG\Verification\Exception\ExecutableException;
use TM\GPG\Verification\Exception\NotExistException;

$verifier = new Verifier('/path/to/gpg');

try {
    $verifier->verify('my-file.sig', 'my-file');
} catch(FailedVerificationException $exception) {
    // verification failed
} catch(NotExistException $exception) {
    // missing signature- or source-file
} catch(ExecutableException $exception) {
    // something with the executable is wrong


See here the full changelog.


Please refer to for information on how to contribute.