TechQA.

How to get the public key ID/Fingerprint from a detatched signature in OpenPGP.js

434 views Asked by At 
import * as openpgp from "openpgp";

let detatchedSignature = "-----BEGIN PGP SIGNATURE----- insert signature here -----END PGP SIGNATURE-----";
openpgp.readSignature({
  armoredSignature: detatchedSignature,
}).then((sig: openpgp.Signature) => {
  let signingPublicKey = // whaaa??
});

According the the typedefs file the verify function needs the public key to test against, that makes sence. The problem is that I don't know what the public key might be.

I have a database of public keys that I can query by keyID or fingerprint, and according to RFC 4880 it is possible to get the fingerprint. The typedefs for openpgp.readSignature() I can input a detached signature and get the promise of a signature, but the object doesn't provide the fingerprint.

So how can I get the fingerprint or ID of the public key that created a signature using OpenPGP.js? Do I need to ask the user for the public key or can I just get it from the signature?

openpgp.js
Original Q&A
1

There are 1 answers

0
Dan On

After copying/pasting this thread on OpenPGPjs's issue tracker I got this response from another contributor who said it wasn't easily possible at that moment and suggested that I submit a PR. So I submitted PR 1326 adding a getIssuerIDs function to the Signature class. See example here.

Related Questions in OPENPGP.JS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions