Multiple signatures

David Shaw dshaw at jabberwocky.com
Mon Oct 3 23:59:59 CEST 2011


On Oct 3, 2011, at 1:49 PM, pet jemen wrote:

> Hi,
> 
> I want to sign binary data in OpenPGP Message Format.
> I want sign it by two or more keys.
> According to http://tools.ietf.org/html/rfc4880#section-5.4 it seems it is possible.
>  (A one-octet number holding a flag showing whether the signature is nested.  A zero value indicates that the next packet is another One-Pass Signature packet that describes another signature to be applied to the same message data.)
> 
> I'd like to use gpg from command-line to sign an input file by two keys.
> I tried to sign it by:
>    gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test1 (test1) <test1 at test1.org>" -o %1.signed --sign %1
>    gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test2 (test2) <test2 at test2.org>" -o %1.signed2 --sign %1.signed
> 
> But the second signature signed the first one also with the first signature.
> I need to sign it in way were I can verify signature of signed data by both keys (the last octet of One-Pass Signature Packets (Tag 4) packet should be equal to zero).

Just repeat -u as many times as you need:

  gpg -u the-first-key -u the-second-key -u the-third-key -u etc --sign thefile

David




More information about the Gnupg-users mailing list