splitting up an inline-signed OpenPGP message

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Sep 4 16:32:24 CEST 2016


Hi GnuPG folks--

I'd like to provide a simple utility to split an inline-signed OpenPGP
message into a body and a signature that can then be verified
independently with gpgv.

I've written the following perl proof of concept but the result is a
body and a signature that gpgv claims is BAD, even though the body
exactly matches the exact output of "gpg --decrypt < inline-signed.txt"

I test this with:

	gpg --no-options --batch --no-default-keyring --status-fd=2 --keyring $(pwd)/trustedkeys.gpg --output body.gpg-extracted --decrypt < inline-signed.txt
	./split-inline-signed.pl < inline-signed.txt >body 3>body.asc
	diff body.gpg-extracted body
	gpgv --status-fd 2 --keyring $(pwd)/trustedkeys.gpg body.asc body

and everything works as expected until gpgv fails :/

Can anyone point out what i've done wrong?

    --dkg

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: split-inline-signed.pl
URL: </pipermail/attachments/20160904/b9ff0b9e/attachment.pl>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: </pipermail/attachments/20160904/b9ff0b9e/attachment.sig>


More information about the Gnupg-devel mailing list