gpg --verify detached signature from two file descriptors?

Daniel Kahn Gillmor dkg at
Fri Nov 12 23:20:30 CET 2010

On 11/12/2010 07:28 AM, Robert J. Hansen wrote:
> 1.  Don't optimize code that isn't a bottleneck -- there's nothing wrong
> with making GnuPG do unnecessary work so long as that part isn't the
> bottleneck.

i was actually hoping to avoid *me* having to do the extra work of
figuring out how to concatenate the data with the signature.

Do you have a suggestion for how to make such a concatenator for
arbitrary 8-bit data?  Do i need to build an OpenPGP data packet from my
input stream first?  Is there example code of such a concatenator someplace?

> 3.  GnuPG is a very mature project that's had a lot of people hammering
> on it.  Your own code is probably much newer with far fewer people
> hammering on it.

I grant that my own code is more likely to be buggy than gpg's.  that's
another good reason for me to not write a concatenator :)

Are you saying there is no way to pass a detached signature via a file


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101112/058c15fc/attachment.pgp>

More information about the Gnupg-users mailing list