neuhalje/bouncy-gpg

Support for sign only

mgrossmann opened this issue · 2 comments

I would like to offer the functions sign() and verify(). As you know from PGP, I want to create a second file in which the signature of the original file is stored. Currently there are only the methods encryptToStream() and decryptAndVerifyStream() in the class BouncyGPG.

Best regards /
mit freundlichen Grüßen

Mike

You mean implement detached signatures?

I would really appreciate a pull request. Right now I am quite busy at $DAYJOB ant will probably be till the end of summer. So I can discuss PRs, API and test design but won't really be able to implement much.

On a different topic: I am also in the process of implementing key generation (#30) - help gladly accepted :-) .

I had a need for this as well, so I took the BuildEncryptionOutputStreamAPI and BuildDecryptionInputStreamAPI classes, cut some stuff out, and turned them into a working BuildSigningOutputStreamAPI and BuildVerificationInputStreamAPI. Did some basic testing and the results seem to be GPG-compatible, so I'm happy and using my hacked-up classes as they are. Oh, I also needed to take the PGPEncryptingStream and hack out a PGPSigningStream class.

They're kind of gross, but they work (I think), and could probably serve as the starting point for a pull request, but I'm focussed on my own project, of course. I'll attach what I've got

bouncy-signing.zip

Best,

Jeff