The public key can be downloaded from here
的功能这是我要验证的字符串:
6mjdvgmdvggpyoaf.onion
这是分离的签名:
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJYF5+8AAoJEOK8b86OOhToO8EP/ix16wNi/bH+CZuAiOawd2NX
P+rno33WeVLKHg4pJWTeuYumFnjjStRgj/IL2r6Iafa8jnuffMr+DqsbISvbJDXx
dNvwzybPD0dLc/ftJTm1PAR9sTNh3+zeAldmYaaXQTAX/YUVjjru5oiP4H/+oh5t
NezgT7U812r6sVkgOq6dIl84uYRaToB4xxk0C1mdiM2ro1bC7OAAAD5wCFouQNS/
KD+fLebfjPjpDhmd1GgMk08/XGXUQueYPLP6ovsU6ztkjHkKTbPLX9Ity1mLIJlE
WvgZAFd2DwnBhcGUm5o6chvqj8t7kCUldFxJBYtSC0BV8flaRC/2csbKJRLfxy1N
bsRT7sP3fRm3b+bEHXUFdlLUgQbbaH/1HiZO6hsx7qeADvBHEH59kJfRo3XgPNVZ
MBm8kaRDpjYMNwpmrh4uN5ONwDQ5X3weRajZfKub4YzTRqf0gLcfTzbSBDn+YFLX
8NE+9Z7c/UgAsOMzDeVR37BpA9weNeb4EEW4kulr9LBdVbOu6dM9aF9pIBbnD/Nu
5FRcxB3Z/IqUH7PzgS0fCkjroO36Qdu1cAdvkbOgeWpRLcsn/NZdYjBBAD9+JXfT
8tl06AniMFLnyWq5ydytApAu45WW4vthhyPdx+so3R0gN2FJL2pQE01vLO5c0EAP
XSVJLdVLyQTDNW0jwbwo
=vn/m
-----END PGP SIGNATURE-----
以下是代码:
var pubkey = openpgp.key.readArmored(key.trim());
var msg = openpgp.message.readSignedContent(domain, signed_block);
var result = msg.verify(pubkey);
console.log(result.valid);
结果日志是:
null
在代码中,可以在以下位置找到要求验证的函数:
https://openpgpjs.org/openpgpjs/doc/message.js.html
第367行:
if (keyPacket) {
verifiedSig.keyid = signatureList[i].issuerKeyId;
verifiedSig.valid = signatureList[i].verify(keyPacket, literalDataList[0]);
} else {
verifiedSig.keyid = signatureList[i].issuerKeyId;
verifiedSig.valid = null;
}
找不到keyPacket,但我无法理解为什么,看起来像签名块的问题(也许??)但我不太了解Openpgp内部,知道该怎么做。
任何帮助将不胜感激。
答案 0 :(得分:1)
解决:
var pubkey = openpgp.key.readArmored(key.trim()).keys;