Verify Signatures - Verify Digital File Signatures. Authenticate Files, Data and Entities.

Act On File Windows Compatibility Seals

This section discusses the Verify Signatures functionality of the Authenticator module.
The Verify Signatures functionality is used to confirm or deny the origin and integrity of a signed file and its signature. To verify a signature, one needs the signed file, the file signature, and the authentication (public) key complement to the signature (private) key used to produce the signature. Usually the signed file and its signature would be distributed together and would be ready for verification using an appropriate public key which should have been made available through an appropriate channel. For example, the public key of an organization may be available on their website and ready to download at any time when a user needs to verify signatures and files supplied by the organization. For a detailed explanation of the principles of authentication, please view the Introduction to the Authenticator module. For an explanation about how to sign files, please review the Sign Files functionality help article. To simplify the handling of a signed file and its signature, it is possible to append the signature to the signed file. The Verify Signatures functionality is capable of verifying signatures when the signature is appended to the file using the Sign Files functionality as well as when the signature is a separate file.
Capture: Verify Signatures
Verify Signatures

Operation

To Verify Signatures you need to add the files and folders whose signatures are to be verified to the selected items control of the Verify Signatures functionality. Adding folders to the selection controls makes Act On File verify all files contained in the selected folders. Any shortcuts in the selected folders will be followed or ignored according the selection in the Shortcuts combo-box. After the items to be verified are selected you need to supply an authentication (public) key, set the signatures source controls and the verification-signing controls. When ready, click OK to start the process of verification. There are four possible modes used to supply the file signatures. For modes where the signature is not attached to the file, the module will search for signatures in the appointed folder(s) and match them with the signed files by name. Signatures are expected to have the same filename as the selected file, with the appended extension ".signature". The results from the verification are displayed in a results window after the process is complete. The results dialog allows you to close the functionality, return to the functionality window and modify the verification request, and store the results in an html document.

Controls

  
Selection Controls
Verify Signatures Selection Controls
These controls are used to select and display the files and folders for the operation, and the authentication (public) key. In addition to the Add Files, Add Folders and Remove buttons, you can use the standard clipboard, drag and drop, and keyboard operations.
KeyEnter the path to the authentication public (or private) key. Remember to keep Private Keys safe and secret until such time as they are to be destroyed using True Delete.
ShortcutsSelect the behavior of the functionality in respect to any shortcuts that might be present in the selected folders.
TargetAny shortcut located in selected folder will be dereferenced and its target file or folder will be treated as if it were selected.
IgnoreAny shortcut located in selected folder will be ignored.
Signatures Source Controls
Verify Signatures Source Controls
and also
Verify Signatures Source Controls Appendix
These controls are used to tell the module where to find the file signatures.
Signatures sourceSelect the input type and location.
Appended to FileEach signature is appended at the end of the signed file using the Sign Files functionality or another compatible way.
Common PlaceAll signatures are stored in the target folder and are named "[signed filename].[signed extension].signature".
Original LocationThe signatures are located in the same folder as the signed file and are named "[signed filename].[signed extension].signature"
Reflecting TreeThe same directory structure as that of the selected files and folders is assumed to exist under the selected target folder. Each file signature is named "[signed filename].[signed extension].signature" and is located in the folder that reflects the folder containing the signed file.
at folderSelect folder to be used for the "Common Place" and "Reflecting Tree" options.
Remove signatures from verified filesSet this checkbox to remove the signature after a successful verification process or clear it to keep the signature appended to the file after the verification is successfully completed.
Remove signatures from failed to verify filesSet this checkbox to remove the signature after an unsuccessful verification process or clear it to keep the file unchanged after an unsuccessful verification.
Operation Controls
Verify Signatures Operation Controls
These controls are used to control the signature interpretation and must be set to the same values that were used in the file signing process.
Hash typeSelect the hashing algorithm: must be the same algorithm used in the file signing process or else the signature verification will fail.
SHA, U.S. DSA Secure Hash AlgorithmThis algorithm generates a 160-bit hash value.
MD2, Message DigestThis algorithm generates a 128-bit hash value.
MD4, Message DigestThis algorithm generates a 128-bit hash value.
MD5, Message DigestThis algorithm generates a 128-bit hash value.
FlagsSelect the padding: must be the same padding used in the file signing process or else the signature verification will fail.
PKCS#1Use PKCS#1 padding.
X.931 + PKCS#7Use X.931 + PKCS#7 padding.
Byte OrderSelect the signatures byte order. Different platforms may use different byte ordering. It is important that you select the correct byte order of the signatures.
Big-EndianThe signatures are in Big-Endian byte order.
Little-EndianThe signatures are in Little-Endian byte order.
Set DefaultsThe Set Defaults is a user-friendly button that sets the Operation Controls to a default selection of properties in order to help users who might find the settings confusing. The selection made with this button matches the Set Default selection in the Sign Files functionality window.
Window Controls
Verify Signatures Window Controls
These controls have generic meanings.
On TopSets and clears the Always On Top flag on the window. This checkbox adds or removes the window from the group of Top-most windows.
OKCommits to work and verifies the signatures of the selected files.
CancelCloses the window without doing any work. The last selected properties are stored.