detached signatures
Werner Koch
wk at isil.d.shuttle.de
Thu Jan 7 10:19:02 CET 1999
"Juergen A. Erhard" <jae at ilk.de> writes:
> When verifying a detached signature, it seems gpg absolutely requires
> the detached sig to end in either `.sig' or `.asc'.
No.
> Wouldn't it be better to do some heuristic check here, like
No. This is not a good idea.
> gpg --verify signature signed-stuff
Use:
gpg --verify detached_signature files_which_are_signed
Only if you leave out files_which_are_signed, gnupg tries to figure
out the corret name by removing ".asc"/".sig".
The --verify is not needed but than gpg will output the message, which
is something you might not want to do - ah right there will be no
output for detached sigs but --verify allows you to specify the the
data which is signed and note that you are able to ollect more than
one file in a signature.
> [1] This code is really not easy to read... and though I'm in favor of
> *more* comments, I don't think it would help *that* much.
I should write the HACKING file but I don't have tome no - The code is
easy to understand if you have figured out for what these filters are:
They are used to reflect the structure of the data. Ever looked at
the PGP 2 (very ugly) or PGP 5 (too much directories) code :-)
Werner
More information about the Gnupg-devel
mailing list