dsig
v1.2.1TypeScript
Digital Signature with OpenPGP
9/weekUpdated 3 years agoLGPL-3.0-onlyUnpacked: 622.4 KB
Published by Dr. Ralf S. Engelschall
npm install dsig
DSIG
====
Digital Signature with OpenPGP in JavaScript
About
-----
DSIG (Digital Signature) is a JavaScript Application Programming
Interface (API) and Command-Line Interface (CLI) for generating an
OpenPGP public/private key
pair, calculating the fingerprint of the public/private key, signing a
payload with the private key and verifying the payload afterwards with
the public key and the fingerprint. It is especially intended to sign
application license files and application distribution archive files.
The crux of DSIG is:
1. It is based on OpenPGP.js, and as a
consequence, it is a plain JavaScript solution which does not require
an installed GnuPG and its native gpg command
and works in both Node.js and the Browser.
2. The private key, public key, fingerprint and signature
use a fully valid OpenPGP
format and hence they could even be used with GnuPG, although the
DSIG signature is a clear-signed OpenPGP message carrying both the
SHA-512 digest of the payload and optional meta information.
Installation
------------
``shell``
$ npm install [-g] dsig
Example
-------
See the Example section of the Unix manual page
for an example how to prepare public/private key pair and fingerprint,
and then sign and verify an application distribution archive or an
application runtime license. A corresponding standalone
Bourne shell script and equivalent Web page
can be used for test-driving DSIG, too.
Usage
-----
- Command-Line Interface:
See Unix manual page.
- Application Programming Interface (API):
See TypeScript API definition.
License
-------
Copyright © 2015-2022 Dr. Ralf S. Engelschall
Licensed under LGPL 3.0