Decrypting without designing?

Nico Schottelius nico-linux-gnupg at
Thu Sep 23 16:12:17 CEST 2004


I am programming an encrypted mailing list and want to use gpg

Now I am a bit stuck, as I want only to decrypt a file, but not remove
the signature. Is that somehow possible?

The background:

I have the following workplan for the part of the mailing list manager,
which handles the mail:

--- ---  --- ---  --- ---  
   1. Check if it is adressed to us. If not, bounce. [ok]
   2. Check if the sender is subscribed. [ok]
      no: Check if ml is open for everyone (open_list)
         no: bounce
         yes: add bfw: Sender_unknown
   3. Check whether message is encrypted for us [ok]
      no: bounce with bfw (BIG FAT WARNING)
      yes: decrypt
   4. subscribed only: Check whether sig is ok
      no: bounce
   5. Remove signature / Add own signature (really??) [???]
   6. encrypt for each recipent and send
--- ---  --- ---  --- ---  

Ponts 1-3 are problemsless. But when the message is decrypted,
gpg -d also removes the signature. The ML software also checks
whether the key used to sign fits to the address subscribed.

If I have an encrypted, but not signed message and I pipe it
through "gpg -u "$PGPID" -q --no-verbose --batch -d" it
returns 0 (as expected). The problem is, gpg returns the same,
if I have an encrypted and signed message.

Can anyone give me a hint how to see the difference?



P.S.: Here's how it looks like:

bruehe% cat mail.crypted.signed.ecml | SENDER=nico-confirmtest at ./ecml-manage ./testml/
gpg-return: 0

bruehe% cat mail.only.crypted.not.signed | SENDER=nico-confirmtest at ./ecml-manage ./testml/
gpg-return: 0

Keep it simple & stupid, use what's available.
Please use pgp encryption: 8D0E 27A4 is my id. |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : /pipermail/attachments/20040923/edb7064e/attachment-0003.bin

More information about the Gnupg-users mailing list