GnuPG UI Server Protocol: verification status for DECRYPT?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Nov 11 06:53:18 CET 2016
Hi all--
I'm trying to understand the GnuPG UI Server Protocol, as documented in
gpgme.info. I'm working with gpgme from git master and gpg quite close
to git master (2.1.15 plus many dozens of patches from git)
the DECRYPT command has a --no-verify flag, which implies that sometimes
it does verify the message. But it does not indicate how to retrieve
the status of the signature verification (if any).
the VERIFY command documents a "SIGSTATUS" status line. Should this be
provided as well for DECRYPT? I tried the following sequence with
"gpgme-tool" and "gpg --server", with a signed+encrypted file attached
to FD 5 and an output file connected to FD 6:
INPUT FD=5
OUTPUT FD=6
DECRYPT
and while both programs successfully decrypted the file, neither of them
produced a status like of type SIGSTATUS. "gpg --server" produced no
output status lines, and "gpgme-tool" produced only PROGRESS status
lines. If i gave "gpg --server" a --status-fd argument, then it
produced some status lines like "VALIDSIG" on that file descriptor, but
nothing that reflected the GnuPG UI Server Protocol documentation.
Am i misunderstanding something? is there no way in the GnuPG UI Server
Protocol to get a signature status report on an encrypted+signed
message? Or are "gpg --server" and "gpgme-tool" not intended to be
implementations of the GnuPG UI Server Protocol at all and i should look
elsewhere?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 962 bytes
Desc: not available
URL: </pipermail/attachments/20161111/dd66a307/attachment.sig>
More information about the Gnupg-devel
mailing list