The documentation is rather hard to follow, and in some places out of date, but the verification seems to be as follows:
- all files, even those in Tar or Zip format, contain a manifest with a CRC check for basic self-validation; this is not tamper-proof, but will detect things like incomplete downloads
- files in the PHAR format can also contain a signature in one of several formats chosen by the creator
- as of PHAR 2.0 (PHP version unclear), the signature can also use an OpenSSL public-private key pair
- this signature is calculated on the whole contents of the archive, independent of the manifest, so can be trusted to detect tampering if it, or the public key, is distributed over a trusted channel
Your question talks of the speed of the signing and verifying process, and this is a key part of your suspicion that an insecure algorithm might be in play. Wikipedia summarises the performance of SHA-256/512 as 200 to 300 MiB/second on an inexpensive 64-bit CPU. Since a PHAR archive is unlikely to be as large as 200 MiB, and since signature verification is performed on-demand, not on every execution (at least, I think so), the fraction of a second to hash the whole file is unlikely to be an issue. (Creation of the signature can also be postponed until all files are added, so again has no requirement for higher speed.)
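As an added illustration of the point that the signature covers the whole archive rather than the manifest, here is a small Python parser for the PHAR signature trailer (this is example code written for this page, not the answer's or PHP's own). It assumes the trailer layout from the PHAR format spec (signature, an extra length field for the OpenSSL type, a 4-byte type flag, then the `GBMB` magic); the sample archive body is constructed, not a real PHAR.

```python
import hashlib
import hmac
import struct

# Signature-type flags from the PHAR format spec (the u32 just before the 'GBMB' magic).
SIG_MD5, SIG_SHA1, SIG_SHA256, SIG_SHA512, SIG_OPENSSL = 0x01, 0x02, 0x04, 0x08, 0x10
HASH_SIGS = {SIG_MD5: ("md5", 16), SIG_SHA1: ("sha1", 20),
             SIG_SHA256: ("sha256", 32), SIG_SHA512: ("sha512", 64)}


def parse_trailer(data: bytes):
    """Split a PHAR blob into (signed_body, signature, sig_type).

    End-of-file layout: <signature> [<sig_len:u32>, OpenSSL only] <sig_type:u32> 'GBMB'.
    The signed body is everything before the signature: stub, manifest and file data.
    """
    if len(data) < 8 or data[-4:] != b"GBMB":
        raise ValueError("missing GBMB magic: not a signed PHAR")
    (sig_type,) = struct.unpack("<I", data[-8:-4])
    if sig_type in HASH_SIGS:
        sig_len, end = HASH_SIGS[sig_type][1], len(data) - 8
    elif sig_type == SIG_OPENSSL:
        (sig_len,), end = struct.unpack("<I", data[-12:-8]), len(data) - 12
    else:
        raise ValueError(f"unknown signature type 0x{sig_type:x}")
    if sig_len > end:
        raise ValueError("signature length exceeds file size")
    return data[:end - sig_len], data[end - sig_len:end], sig_type


def verify_hash_signature(data: bytes) -> bool:
    """Recompute the digest over the signed body and compare in constant time.

    Hash-only types prove integrity, not origin: whoever alters the body can
    recompute them. An OpenSSL signature must be checked with the public key.
    """
    body, sig, sig_type = parse_trailer(data)
    if sig_type not in HASH_SIGS:
        raise ValueError("OpenSSL-signed archive: verify against the public key instead")
    return hmac.compare_digest(hashlib.new(HASH_SIGS[sig_type][0], body).digest(), sig)


def build_sample(body: bytes, sig_type: int = SIG_SHA256) -> bytes:
    """Constructed stand-in for a PHAR: an arbitrary body plus a spec-shaped trailer."""
    digest = hashlib.new(HASH_SIGS[sig_type][0], body).digest()
    return body + digest + struct.pack("<I", sig_type) + b"GBMB"


if __name__ == "__main__":
    sample = build_sample(b"<?php __HALT_COMPILER(); ?>\r\n[constructed manifest+files]")
    tampered = bytearray(sample)
    tampered[40] ^= 0x01  # flip one bit inside the (constructed) file data
    print(verify_hash_signature(sample), verify_hash_signature(bytes(tampered)))  # True False
```

Because the hash-based types can be recomputed by anyone who edits the body, only the OpenSSL type gives the "trusted channel" property the answer describes; this parser deliberately refuses to pass such an archive without the key.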