Support for verify? #24
Comments
|
As far as I can see that would need to have some kind of key store or you would at least need to be able to provide the public part of the key that signed the file. This is not implemented in this lib afaik and does not match the use case either imho. |
|
okay, so what if I had the public key that signed the file. It would still be hard / not in scope of this library? |
|
Exactly. This library is about parsing keys, not signed/encrypted data. You can use gpgme for that, but be aware that it is a bit... well it is not that well supported/maintained imho. For most things it is working fine though, especially verifying signed data should be feasible. |
|
Yeah I know, I was just hoping to find some understandable example or documentation (beyond the original code) for how the process works. Thanks for your help, I appreciate it! |
|
@vsoch in the source folder of gpgme are example files (in the python subfolder). These helped me a lot in the past! |
|
Ah thank you! I will check them out! |
|
@techge do you have a link? I don’t see a Python subfolder anywhere here: https://github.com/gpg/gpgme. Should I look at older releases, possibly it was removed? |
|
Sure, I just vaguely remembered it, so it was a bit unspecific. Have a look here. :) |
Hi! Do you have an example for how this library could be used to verify a signed key? E.g., if I have a file, I can sign it:
And that produces
tacos.txt.gpg, which I could load packets for and see several blocks:I was actually looking at a gist that is conceptually similar to the library here. But I'm interested in reading the packets and then verifying, but I'm having trouble finding a good example of doing that (the RFC document isn't super helpful because it's all pretty abstract). Thanks for your help!
The text was updated successfully, but these errors were encountered: