multiple signers

Timo Schulz twoaday at
Wed Dec 11 10:34:02 CET 2002

On Tue Dec 10 2002; 22:37, David Shaw wrote:

> The only fix that really handles all the cases is to loop over this
> code for each signature in the file, but that would be expensive as it
> involves re-hashing the input for each pass.  The next best thing is

Yes, I thought the same. When the file is very large, it takes a long
time to verify two or more signatures. What about parallel hashing.

I mean something like this:

        nread = iobuf_read( fd, buf, 4096 );
        for( l = list; l; l = l->next ) {
                gcry_md_write( l->hd, buf, nread );

On the other hand, this means we need to change the code in lots of
files and this is no solution for the stable branch.

> Still, I wonder if the best solution for the stable branch isn't to
> just lock this off so that the first signature is verified and then
> print a warning that any other sigs in the file are being skipped.
> It's certainly a minimal change, and we do a proper fix in the devel
> branch.

Yes, I agree it's no big issue and we can fix this in the devel branch.


More information about the Gnupg-devel mailing list