If GPG has the correct public key, show signature as verified and display key owner name

src/js/crypto.js

@@ -252,7 +252,7 @@ function importPrivateKey() {
 /**
  * Call the native system GPG to "decrypt" a PGP signature. This should work when the hacky "base64 decode and search for strings" method fails.
  * @param {String} sigdata
- * @param {Function} callback (string) message, (string) fingerprint, (bool) success
+ * @param {Function} callback (string|null) message, (string|null) fingerprint, (string|null) signername, (bool) verified, (bool) success
  * @returns {undefined}
  */
 function readSignatureExternally(sigdata, callback) {
@@ -286,15 +286,26 @@ function readSignatureExternally(sigdata, callback) {
         if (stdout.length > 50) {
             msg = stdout;
         } else {
-            callback(null, null, false);
+            callback(null, null, null, false, false);
         }
 
+        var verified = false;
+        var signername = null;
+
+        console.log(stderr);
         var keyid = null;
         var keyidregex = /(keyid|RSA key) ([A-F0-9]+)/;
         if (keyidregex.test(stderr)) {
             keyid = stderr.match(keyidregex)[2];
         }
-        callback(msg, keyid, true);
+
+        var goodsigregex = /Good signature from "([a-zA-Z0-9\s]+) <.+@.+>"/;
+        if (goodsigregex.test(stderr)) {
+            // GPG actually has a matching public key, so that's cool
+            verified = true;
+            signername = stderr.match(goodsigregex)[1];
+        }
+        callback(msg, keyid, signername, verified, true);
     });
 }
 

src/js/pdf.js

@@ -83,12 +83,12 @@ function analyzeSignedPDF() {
                             var msg = window.atob(base64).split("START", 2)[1].split("END", 2)[0];
                             parseAndDisplaySignature(msg, pdfhash, false, null);
                         } catch (ex) {
-                            readSignatureExternally(sigdata, function (msg, keyprint, ok) {
+                            readSignatureExternally(sigdata, function (msg, keyprint, signername, verified, ok) {
                                 if (!ok) {
                                     showAlert("Error: could not parse signature data.");
                                     return;
                                 }
-                                parseAndDisplaySignature(msg, pdfhash, false, keyprint);
+                                parseAndDisplaySignature(msg, pdfhash, verified, keyprint, signername);
                             });
                             console.error(ex);
                         }
@@ -149,7 +149,7 @@ function analyzeSignedPDF() {
     }, ".pdf");
 }
 
-function parseAndDisplaySignature(msg, pdfhash, verified, fingerprint) {
+function parseAndDisplaySignature(msg, pdfhash, verified, fingerprint, signername) {
     var msgparts = {};
     // Decode message contents
     var msglines = msg.split("\n");
@@ -246,7 +246,11 @@ then run the analyze tool again to prove if it was changed since notarization.")
             var fingerprintstart = "";
             var fingerprintend = fingerprint;
         }
-        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-fingerprint fa-fw"></i> Signature key ID: ' + fingerprintstart + '<b>' + fingerprintend + '</b></li>');
+        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-fingerprint fa-fw"></i> Public key ID: ' + fingerprintstart + '<b>' + fingerprintend + '</b></li>');
+    }
+
+    if (typeof signername == "string") {
+        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-user-shield fa-fw"></i> Owner of public key: ' + sanitizeHTMLString(signername) + '</li>');
     }
     new bootstrap.Modal(document.getElementById('verifyModal')).show();
 }