Which app to check PGP file signatures on Android?

[Saint-loup]

Hello
If you want the latest version of Electrum for example, you need to download the apk on the Electrum website (because the last version is not available on Play store).
So you need to check the PGP file signature of the apk to be sure there has not been any hack.
I do this by installing a shell terminal for Android(Termux) and the gpg package.
But it's not convenient to use a shell on a smartphone, and I don't think it's a suitable solution for beginners.

So are there apps on Android offering PGP file signature checking?

Thank you

[dragonvslinux]

There are enough of them by the looks of it: https://play.google.com/store/search?q=pgp&c=apps&hl=en_GB
I realize most are for email, but any pgp client that manages key should be able to verify a signature with --decrypt option alone.
I've never used any of these so can't recommend though, though I'd definitely stay away from Symantec's software.
Or any other unaccountable closed-source versions for that matter. Go for transparent open source 

[Saint-loup]

How about OpenKeychain? I never used it, but it's suggested by team who used to port GnuPG to Android OS after GnuPG for android is discontinued.

Thank you
Yes I tried it before using Termux but I couldn't verify my file signature with it (the file signature of the electrum apk).
I don't know if I missed something but I wasn't able to do it with openkeychain while it worked with Termux...

[BitMaxz]

~snip~
Yes I tried it before using Termux but I couldn't verify my file signature with it (the file signature of the electrum apk).
I don't know if I missed something but I wasn't able to do it with openkeychain while it worked with Termux...

Why not use the online tool to verify the signature of the Electrum?

Check this one https://8gwifi.org/PGPFunctionality?


If this doesn't work there are no other apps on playstore to verify the signature of the electrum.

I think you can verify signature with Android phone by using VPS why not try to make free vps in DO and start make a windows instance?

To connect it through android remotely you can follow this REMOTELY CONNECT WINDOWS VPS USING AN ANDROID DEVICE
After that you can now install software for PGP to verify the Electrum signature for apk.

This is the only last hope/option if you don't have a PC.

[Saint-loup]

~snip~
Yes I tried it before using Termux but I couldn't verify my file signature with it (the file signature of the electrum apk).
I don't know if I missed something but I wasn't able to do it with openkeychain while it worked with Termux...

Why not use the online tool to verify the signature of the Electrum?

Check this one https://8gwifi.org/PGPFunctionality?

Thank you but this tool only verifies if the signature belongs to the public key submitted.
It doesn't check if the signature matches the file I want to check (the apk).
And this is precisely what I want to be able to do conveniently : being sure the file is ok.

Moreover I get a bug with this tool
org.bouncycastle.openpgp.PGPSignatureList cannot be cast to org.bouncycastle.openpgp.PGPCompressedData