On Sat, Sep 28, 2013 at 09:56:45PM +0200, Sherief Alaa wrote: > Hello, > > I am working on a Firefox/Chrome extension with one functionality in mind > which is to verify files. > > Something that replicates gpg --verify file.asc file.tar.gz (Keys will be > stored in openpgp.keyring.importPublicKey(pubKey) .) > > Can Openpgp.js handle such operation?
Hi, It should be able to do that, though you may have to extend it a bit; I'm not sure if there is an easy way to process detached signatures right now, you may have to invoke the functions to read the OpenPGP packets, find the signature packet, then pass it to the signature class's verify() method yourself. In the master branch, these should be _openpgp_packet.read_packet() and openpgp_packet_signature.verify(); in the devel branch - packet.read() and signature.verify(). > Note: While experimenting with openpgp.js I couldn't > get getPublicKeysForKeyId() to work at all, > it never returned anything and I might have found a bug, please check my > repo below: > > https://github.com/SheriefAlaa/openpgp.js-experiment/blob/master/index.html The thing is, despite the comment before the function, getPublicKeysForKeyId() may not really work with a string passed as an argument; I came across this recently, too. Try passing to it the binary representation of the key ID, a four-character string obtained from util.hex2bin() or something like that. Hope that helps! G'luck, Peter -- Peter Pentchev [email protected] [email protected] [email protected] PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false.
signature.asc
Description: Digital signature
_______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
