You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The data could be passed to gpg to validate the form of the signature data.
E.g. an invalid escape like listed in #54 would produce:
$ gpg --verify security-with-escaped-begin-signature.txt
gpg: unexpected armor: -----END PGP SIGNATURE-----\r\n
gpg: no valid OpenPGP data found.
gpg: no signature found
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
While a parsable message results in:
$ gpg --verify valid-pgp-security.txt
gpg: Signature made Sun 01 Jan 2023 12:34:46 PM CEST
gpg: using RSA key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
gpg: Can't check signature: No public key
Even the signature date could be checked for:
not a date in the future
sectxt Expire - PGP signature date < 1 year
The text was updated successfully, but these errors were encountered:
We attempted to use the GNUPG function mentioned in your issue. For this we tested python-gnupg, a wrapper for GnuPG. However for this the binary would need to be installed if you use this package. We did find a replacement module, PGPy Python library for implementing Pretty Good Privacy into Python programs, conforming to the OpenPGP specification per RFC 4880.
This package will detect any issue with the pgp message or the data within without decrypting the message.
To prevent an invalid PGP signature like to pass, like:
The data could be passed to gpg to validate the form of the signature data.
E.g. an invalid escape like listed in #54 would produce:
While a parsable message results in:
$ gpg --verify valid-pgp-security.txt gpg: Signature made Sun 01 Jan 2023 12:34:46 PM CEST gpg: using RSA key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX gpg: Can't check signature: No public key
Even the signature date could be checked for:
The text was updated successfully, but these errors were encountered: