Chapter 1. Overview

Table of Contents

1.1. Passphrase handling
1.2. Variable setup

A simple FileHandler which supports working with detached PGP signatures.

It provides actions to:

A known key is one that is present in one of the configured keystores.

This FileHandler makes some assumptions:

So the file download.zip.sig contains a signature for the contents of the file download.zip.

Opening the signature file in this FileHandler will load the signature and display some status information along with the name of the target file derived from the base filename.

Verification can now be started by pressing the corresponding button. This will then verify the signature over the target files contents and display the result along with a message which helps interpretation.

Verification is disabled if the target file cannot be found. The target file must be located in the same directory as the signature file itself.

Depending on the size of the target file, verification can take a long time. A status message indicates the running computation but currently no support for aborting is present.

In case a new signature has been created, saving will be enabled if allowed by the configuration.

As this FileHandler supports modification and saving of the loaded data, it is an editor by nature.

1.1. Passphrase handling

Passphrases are required when a private key needs to be accessed from the configured keystore. Such an access is only necessary for security relevant operations such as signing and decryption. Thus passphrases will only be queried for when performing such an operation.

To ease general usage, it is possible to cache the passphrase during a customizable amount of time. Is there a need to access the same private key again within that time frame, the cached passphrase can be reused and the user won't need to re-enter it again.

On the other hand it is also possible to explicitly clear the cached passphrase from memory. This prevents it from being obtained by other software which might be scanning the memory for such sensitive information.