GPGME: What does ‘0’ (zero) ‘signature.summary’ value mean?
Ben Finney
ben+freesoftware at benfinney.id.au
Fri Apr 12 09:30:41 CEST 2024
Howdy,
What is the meaning of a GPGME `signature` result with `summary` value 0
(zero)?
The `verify` operation returns (among other things) a collection of
`signature` results derived from the input data. Each `signature` is of
type `gpgme_signature_t`; that object has a `summary` attribute, of type
`gpgme_sigsum_t`.
The value of `gpgme_sigsum_t` is a bitmap structure; the
`gpgme_signature_t` documentation describes all the meanings of those
flags.
<URL: https://www.gnupg.org/documentation/manuals/gpgme/Verify.html#index-gpgme_005fsignature_005ft>
>From my reading of that documentation, zero is not a meaningful
`gpgme_sigsum_t` value; the value should either have the
`GPGME_SIGSUM_VALID` bit set (if the signature is valid), or some other
combination of bits should be set. A zero `summary` (with no bits set)
does not seem a possible result from that library.
When I use the `verify` operation [0] (passing an inline signed data
stream, read from a text file), the result is meaningful: no error, the
`signature` results have the expected keys and timestamp etc, but each
has a `summary` value of 0.
What does this value mean; what user-level meaning does it represent?
How is `summary` value 0 meaning different from `GPGME_SIGSUM_VALID`?
How is its meaning different from any other possible `summary` value?
[0]: If it matters, I am using the Python PyGPGME wrapper.
<URL: https://pygpgme.readthedocs.io/en/latest/api.html>
From what I can tell the wrapper is simply exposing the GPGME
interface with Python objects, so I believe the questions above are
all about the underlying GPGME library API.
--
\ “A thing moderately good is not so good as it ought to be.
`\ Moderation in temper is always a virtue; but moderation in
_o__) principle is always a vice.” —Thomas Paine
Ben Finney
More information about the Gnupg-devel
mailing list