3

In looking at the Crypto Library I see it has the capability to sign data.

Does anyone know if a PGP compatible signature is as simple as ASCII armoring the output of the Crypto Library's sign command?

I have an application that needs to sign and only sign data using PGP. I've looked at the OpenGPGJS project; but it blows up when I Webpack my application.

I've been trying to use kbgpg, but their documentation isn't that great, and when I follow their default example on signing data that signature isn't even recognized as a signature when I attempt to use Kleopatra to validate everything was correct. This is even if I change the "GPG MESSAGE" block to instead be a "PGP SIGNATURE" block.

Since I don't need the encryption, just signature, I was thinking that using the Crypto library directly may be the most simple solution here, but I'm having a difficult time finding documentation to validate it can be done easily.

4

1 回答 1

1

While OpenPGP uses a special mode of operation for encryption (the OpenPGP CFB mode), there are no special algorithms used for signing documents. RFC 4880, OpenPGP defines how OpenPGP messages have to be composed -- in theory, that's all you need to know to export messages in the OpenPGP format. You might even be able to skip a lot of special cases, especially if you also can control what keys are used (and their technical specifics) to sign the information.

But you will have to put together own code to write the OpenPGP message format, which is pretty much what OpenPGPJS and others are doing already. But doing proper cryptography is very complicated, and there are many ways to do things wrong. Don't write your own crypto code, especially not as a side project.

Finally, looking at the code I'm rather sure kbpgp does not export BEGIN GPG MESSAGE headers. It might well print BEGIN PGP MESSAGE headers, and this is the correct header when signatures are combined with the signed content. Changing this to BEGIN PGP SIGNATURE will result in an invalid header for the message's contents.

于 2017-06-30T18:22:54.357 回答