How to verify document with detached signature? - Githubissues

singpolyma / openpgp-php

OpenPGP.php is a pure-PHP implementation of the OpenPGP Message Format (RFC 4880).

http://singpolyma.github.io/openpgp-php/

The Unlicense

179 stars 69 forks source link

How to verify document with detached signature? #100

Closed henry-h closed 3 years ago

henry-h commented 4 years ago

How to verify document with detached signature?

singpolyma commented 3 years ago

You should be able to unarmour and then parse the detached signature file to get the SignaturePacket. Then construct a LiteralDataPacket containing the data from the file. Finally make an OpenPGP_Message with the SignaturePacket first followed by the LiteralDataPacket. Now you should be able to treat this message as an attached signature and verify as per the example.