silent mode; signing headers
Werner Koch
wk at isil.d.shuttle.de
Thu Jun 18 10:40:40 CEST 1998
Zack Weinberg <zack at rabi.phys.columbia.edu> writes:
> First, a `silent mode' for verifying signatures. In this mode g10
> reads a file and indicates whether the signature is good or not by
> its exit status, but produces no output. Exit codes should
that should be possible with gpg --batch --verify. I can make sure
that you get these exit codes:
0 - okay
1 - can't check signature (unknown algorithm, no public key)
>= 2 - program failure.
I don't think that it is a good idea to use exit codes as this is
complicated if gnupg is used in a pipe (yes, bash 2 has a facility for
this). A better way is to parse the output of gpg: when used with
--status-fd 2 you will see lines
[GNUPG:] keyword more stuff
which are quite easy to parse.
> Second, it would be nice to be able to sign some of the headers of a
> message as well as its content. This allows the recipient to check
I do not think gnupg should do this; it is MUA relatated stuff. I'd
suggest do invent some MIME encoding for this. A way to do this is
to bring the headers in a standard format (MTA may rewrite them), hash
them and put the hashvalue as printable string into the contents of
the message (or simply copy the headers into the contents).
> p.s. --verify is documented to not print the contents of the file
> verified, but in 0.2.19 it does (at least with --clearsign
Noted, thanks.
Werner
More information about the Gnupg-devel
mailing list