Signing already-encrypted files (all to self)?
Chris Poole
lists at chrispoole.com
Mon Nov 14 12:11:56 CET 2011
On Fri, Nov 11, 2011 at 11:03 PM, Jerome Baum
<jerome+person at jeromebaum.com> wrote:
> Now the thing that I _do_ wonder about, Chris, is why you want to hash
> the plaintext files? Why not hash them encrypted? (No need to
> decrypt-then-hash-then-encrypt a bunch of files.)

That's perfectly acceptable, I'm just unsure of how to match the encrypted files
that haven't already been hashed. Here's what I do:

1. Run getmail, which puts a few more files in the maildir directory
2. `find maildir/ -not -name '*.gpg' | gpg ...` to encrypt these new files

At this point in the script now, I would want to hash the new files, but now
they'll have the `.gpg` output extension. I guess the easiest thing is just to
have gpg output with a filename `.tempgpg` or something, then hash, and then
rename to `.gpg`. (How else to match only these newly-encrypted files, when the
directory has thousands of files already ending in `.gpg`?)

Cheers
Chris Poole
[PGP BAD246F9]
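
The temporary-extension approach described in the message above, written out as an added shell example that is not part of the original post. The function names, the `GPG_RECIPIENT` variable, the manifest file, the choice of `sha256sum` as the hash, and the deletion of each plaintext file after encryption are all assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Names below are hypothetical.
# Assumes: GPG_RECIPIENT holds your own key ID, sha256sum is the hash tool,
# and the plaintext is deleted once its encrypted copy exists.

# Encrypt plaintext $1 to ciphertext $2.
encrypt_file() {
    gpg --batch --yes --encrypt --recipient "$GPG_RECIPIENT" \
        --output "$2" "$1" < /dev/null
}

# process_new_mail MAILDIR MANIFEST  (keep MANIFEST outside MAILDIR)
process_new_mail() {
    dir=$1
    manifest=$2

    # Pass 1: encrypt every not-yet-encrypted file to a temporary extension.
    find "$dir" -type f ! -name '*.gpg' ! -name '*.tempgpg' |
    while IFS= read -r f; do
        if encrypt_file "$f" "$f.tempgpg"; then
            rm -f -- "$f"
        else
            # Never leave a partial ciphertext for pass 2 to hash.
            rm -f -- "$f.tempgpg"
            echo "encryption failed, left untouched: $f" >&2
        fi
    done

    # Pass 2: only this run's output ends in .tempgpg, so the thousands of
    # existing *.gpg files are never matched. Hash, rename, then record.
    find "$dir" -type f -name '*.tempgpg' |
    while IFS= read -r t; do
        final="${t%.tempgpg}.gpg"
        sum=$(sha256sum "$t" | cut -d' ' -f1)
        mv -- "$t" "$final"
        printf '%s  %s\n' "$sum" "$final" >> "$manifest"
    done
}

# Usage: GPG_RECIPIENT=<your key ID> process_new_mail maildir/ ~/mail.sha256
```

The manifest lines use the `sha256sum` output format, so `sha256sum -c` can re-verify the encrypted files later.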