[guardian-dev] gnupg-for-java verify function
hans at guardianproject.info
Tue Jan 27 05:55:11 EST 2015
I haven't had my head in that code for a while now, so I could only guess.
Try reading the gpgme docs on the verify function there. gnupg-for-java
generally follows what gpgme does.
> Thanks for CC'ing this, it could be helpful. But what about my other questions? > How to use verify()? How to get anything from plain parametr?
> Dnia 27 stycznia 2015 10:07:11 CET, Hans-Christoph Steiner <hans at guardianproject.info> napisał(a):
>> Hey Marek,
>> I'm CC'ing the Guardian Dev list since this topic is of general
>> interest, and
>> others on that list might have contributions to this thread as well.
>> gnupg-for-java currently requires gpgme 1.5.x, but it would probably
>> not be a
>> lot of work to get it working on older versions. I only cared about
>> latest version of gpgme, since I was only using it on Android, where
>> all the
>> libs are embedded in the app.
>> It would be quite useful to have gnupg-for-java work on older versions
>> gpgme so it'll be easy to deploy on platforms with older versions of
>> like RHEL, Debian/stable, Ubuntu/LTS, etc.
>> Daniele has done some work towards that goal:
>> Marek Wrzosek:
>>> OK, I'm answering my own mail. I've figured out that verify needs
>>> signature, signed and plain GnuPGData objects, even empty ones. From
>>> howto of gpgme that if sig is clear text signature (I assume that
>>> creating signature from file will work), than signed_text should be
>>> null (in java empty GnuPGData?), but effect of verification is in
>>> plain. How to make writable GnuPGData for plain? How to extract text
>>> from GnuPGData or do something with it that make sense?
>>> W dniu 26.01.2015 o 16:20, Marek Wrzosek pisze:
>>>> Hello Hans!
>>>> I need help. Is gpgme 1.5.0 really necessary? The example program
>>>> is working with 1.4.3 version, but it only prints list of keys. But
>>>> it's not that important. The real question is: How to use verify
>>>> function? public void verify(GnuPGData signature, GnuPGData signed,
>>>> GnuPGData plain) I've found this in gpgme tutorial (about
>>>> underlying C function):
>>> But it isn't very helpful with java.
>>>> What is the easiest way to verify clear text signature from text
>>>> file or stdin? What about encoding? File is in ASCII (or UTF-8 - my
>>>> default system encoding), java uses Unicode. How gnupg-for-java
>>>> will handle it?
>> PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the guardian-dev