multiple signers
Timo Schulz
twoaday at freakmail.de
Wed Dec 11 10:34:02 CET 2002
On Tue Dec 10 2002; 22:37, David Shaw wrote:
> The only fix that really handles all the cases is to loop over this
> code for each signature in the file, but that would be expensive as it
> involves re-hashing the input for each pass. The next best thing is
Yes, I thought the same. When the file is very large, it takes a long
time to verify two or more signatures. What about parallel hashing.
I mean something like this:
nread = iobuf_read( fd, buf, 4096 );
for( l = list; l; l = l->next ) {
gcry_md_write( l->hd, buf, nread );
}
On the other hand, this means we need to change the code in lots of
files and this is no solution for the stable branch.
> Still, I wonder if the best solution for the stable branch isn't to
> just lock this off so that the first signature is verified and then
> print a warning that any other sigs in the file are being skipped.
> It's certainly a minimal change, and we do a proper fix in the devel
> branch.
Yes, I agree it's no big issue and we can fix this in the devel branch.
Timo
More information about the Gnupg-devel
mailing list