verifying signature after decryption

Jerry Windrel jerry.windrel at verizon.net
Tue Apr 27 19:16:25 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----- Original Message ----- 
From: "Atom 'Smasher'" <atom-gpg at suspicious.org>
To: <gnupg-users at gnupg.org>
Sent: Tuesday, April 27, 2004 9:14 AM
Subject: Re: verifying signature after decryption


> On Tue, 27 Apr 2004, Holger Sesterhenn wrote:
> > >>is there any way to do this without writing my own code?
> >
> > If I remember correctly there was a feature request on
> > Gnupg-devel at the end of february: --unwrap
> >
> > This would decrypt the message but leave the signed data with the
> > signature packet untouched. Of couse you need again an OpenPGP
> > client to verify the signature and get the data.

Could there be a feature that would be similar to the "unwrap"
feature, but that would give you just a standard signature, without
it being in a packet with the data?  Then you could decrypt the data
yourself and send its cleartext, along with the signature, to others
for verification.  They could verify the signature as they would for
any clear-signed message, as if it had never been enrypted.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3 - not licensed for commercial use: www.pgp.com

iQA/AwUBQI6VVIlVuABWWiqVEQKQTgCeKwfDZwx8KZbxDdaIG3uWpjhfpFgAoOrj
7YnlNr3hxCnHpUYv22+U7Qnm
=9Umf
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list