The current MD5 file signatures allows end users to check whether the file is still in tact. However it doesn't garanty the file (and MD5) haven'/files/ field and API should support PGP signatures.
JAS will need to support Encryption / Decryption for a variety of ciphers. It should also support hashing algorithms (MD5, SHA, etc) so it can replace the passwords hashing in the Data object.
The file (and image) field should get an additional field for the MD5 hash. The /files/ would then need a "MD5" variable that would download a "text/plain" file with the hash as content. The filename can be generated based on the original filename and a .md5 suffix (filename.ext.md5).
Note that it's probably wise to add a MD5 property to the file/image fields to allow it to be enabled/disabled.
Report issues
We're currently not allowing issue reporting directly via ITS. Please use the feedback form to submit your issues.