mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Add README for signature package
This commit is contained in:
parent
3abb796220
commit
3bee3e5916
1 changed files with 30 additions and 0 deletions
|
@ -0,0 +1,30 @@
|
||||||
|
# Signature Verification and Validation
|
||||||
|
|
||||||
|
This package can be a bit overwhelming, hence this README file.
|
||||||
|
|
||||||
|
Signature verification and validation in OpenPGP is a complex topic (see a
|
||||||
|
[related blog post of mine](https://blog.jabberhead.tk/2021/04/03/why-signature-verification-in-openpgp-is-hard/)),
|
||||||
|
therefore let me quickly outline some of its challenges for you:
|
||||||
|
|
||||||
|
A signature is either valid or it is not.
|
||||||
|
However, signature validity goes beyond merely checking the cryptographic correctness like BouncyCastle does.
|
||||||
|
A signature that is correct can still be invalid, eg. if it is past its expiry date
|
||||||
|
or the key that issued the signature got revoked or is simply not a signing key in the first place.
|
||||||
|
|
||||||
|
All the little criteria like "is not expired", "has a hashed signature creation time subpacket",
|
||||||
|
"does not contain critical unknown notations/subpackets" and so forth
|
||||||
|
are implemented in the SignatureValidator class. This class defines an abstract "verify()" method
|
||||||
|
which is overwritten in a collection of anonymous subclasses which check for one or more such criteria.
|
||||||
|
|
||||||
|
Whether a signature is cryptographically correct is checked in the SignatureVerifier class.
|
||||||
|
This class draws on the SignatureValidator class to compose the subclass building blocks depending on
|
||||||
|
the signature type to check if the signature fulfills formal criteria and further checks for
|
||||||
|
cryptographic correctness.
|
||||||
|
|
||||||
|
Lastly the CertificateValidator class not only verifies single signatures, but also verifies that
|
||||||
|
the corresponding certificate (public key ring) is still valid.
|
||||||
|
It checks if the signing subkey is properly bound to its primary key, that no key in the chain is
|
||||||
|
revoked or expired and that the signing key is capable of signing in the first place.
|
||||||
|
|
||||||
|
I hope this little guide helps you to get access to the package more quickly.
|
||||||
|
Happy Hacking!
|
Loading…
Reference in a new issue