---
title: Signing & Verifying Files
---

GpgFrontend extends its utility from handling text-based operations to
facilitating file operations with ease and security. The principle behind
signing and verifying files mirrors that of text, leveraging the robust
framework of digital signatures. However, a significant distinction lies in the
nature of the input and output for file operations, which can be binary,
accommodating a wider range of file types beyond simple text documents.

When signing a file using GpgFrontend, the software utilizes the private key of
the user to create a digital signature. This process begins by computing a hash
of the file's contents, regardless of whether the file is a document, image,
executable, or any other binary format. This hash serves as a compact
representation of the file's data. Subsequently, the hash is encrypted with the
user's private key, producing a digital signature unique to both the file and
the key used. The resulting signature can either be attached to the file or
stored separately, depending on the user's preference and the requirements of
the application.

Verifying a signed file with GpgFrontend involves the corresponding public key
of the private key that was used for signing. The verification process decrypts
the digital signature using this public key to extract the original hash value
that was generated during the signing. Simultaneously, the software computes a
new hash from the file that is purported to be authentic. By comparing these two
hash values, GpgFrontend can determine if the file has been altered after it was
signed. If the hashes match, it confirms the file's integrity and authenticity,
assuring the recipient of its untampered state and the signer's identity.

This binary capability of file operations in GpgFrontend not only broadens the
scope of digital signatures to encompass a variety of file types but also
ensures that the integrity and authenticity verification process is not limited
to text-based data. It provides a critical layer of security in digital
communications, where files of all kinds are shared and exchanged with the
expectation of privacy and trust.

The application of digital signatures to files through tools like GpgFrontend is
especially relevant in scenarios where the authenticity of the file source and
the integrity of its contents are paramount. This includes software
distribution, where verifying the source and integrity of software packages is
crucial to prevent malware distribution; document sharing in legal and financial
contexts, where tampering could have serious implications; and multimedia
content distribution, where copyright and ownership are significant concerns.

In summary, GpgFrontend's support for signing and verifying files elevates the
security of digital file exchanges by applying the principles of cryptography in
a user-friendly manner. By accommodating binary file operations, it ensures that
digital signatures are accessible and applicable across a broad spectrum of file
types, reinforcing the pillars of trust and security in digital communications.

## Introduction to File Extensions

For ASCII-formatted ciphertext, the filename suffix is usually "asc", and these
files can be opened directly with a text editor. However, if the ciphertext is
binary, its file extension will be "sig" or "gpg". Typically, binary ciphertext
files are smaller than ASCII-formatted ones.

Prior to v2.0.4, the ciphertext files generated by GpgFrontend were all in ASCII
format. But starting with v2.0.4, GpgFrontend defaults to generating
binary-formatted ciphertext files. You can modify this setting in the settings.

![image-20220112073548736](https://image.cdn.bktus.com/i/2023/11/16/980bff72-7271-b639-e63b-ff1d274edc95.webp)

## File Browser

You can open the file browser (Ctrl/Command + B) via the top menu file option.
After selecting a target directory at system navigator, you can get a new File
browser tab. Using the file browser, navigate to your working directory. Then,
right-click the file you wish to operate on, and select the desired operation
from the pop-up menu.

![File Browser](https://image.cdn.bktus.com/i/2023/11/16/6a137a63-ae76-d45c-b425-5c3e5961aa2d.webp)

Two control buttons are located at the top of the file tab. The one on the left
allows you to go up a level, and the one on the right enables you to enter or
refresh the corresponding path in the input box on the left.

On the far right is a button offering useful options, such as displaying system
files or hidden files.

![File Browser 2](https://image.cdn.bktus.com/i/2023/11/16/1cc208dc-75f7-6e1f-f802-149ed18095af.webp)

### Sign

Through the right-click menu, you can rapidly sign a file. This operation will
generate a file with a "sig" or "asc" suffix, which contains the signature
content. In this scenario, you need to pass both this file and the original file
to the other party to allow them to verify it.

![Sign File](https://image.cdn.bktus.com/i/2023/11/16/ae18811f-12f8-4059-e46f-831929e59414.gif)

### Verify

This operation requires you to select a file with a "gpg" suffix (this may be
invalid for binary file ciphertext) or a file with a "sig" suffix for
verification.

When selecting a file with the "sig" suffix, ensure that the source file is also
present in this directory. This implies that the source file's name is simply
missing a "sig" suffix.

![Verify File](https://image.cdn.bktus.com/i/2023/11/16/dbb4d69c-d1a8-d5dc-6422-1cf300bea533.gif)