Multiple signatures

Doug Barton dougb at
Tue Oct 4 00:11:10 CEST 2011

On 10/03/2011 14:39, Aaron Toponce wrote:
> On Mon, Oct 03, 2011 at 07:49:21PM +0200, pet jemen wrote:
>> I want to sign binary data in OpenPGP Message Format.
>> I want sign it by two or more keys.
>> According to it seems it is
>> possible.
>>  (A one-octet number holding a flag showing whether the signature is
>> nested.  A zero value indicates that the next packet is another One-Pass
>> Signature packet that describes another signature to be applied to the same
>> message data.)
>> I'd like to use gpg from command-line to sign an input file by two keys.
>> I tried to sign it by:
>>    gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test1 (test1) <
>> test1 at>" -o %1.signed --sign %1
>>    gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test2 (test2) <
>> test2 at>" -o %1.signed2 --sign %1.signed
>> But the second signature signed the first one also with the first signature.
>> I need to sign it in way were I can verify signature of signed data by both
>> keys (the last octet of One-Pass Signature Packets (Tag 4) packet should be
>> equal to zero).
> You should use detached signatures:
>     $ gpg -b -u $KEYID1 file.txt > sig1.gpg
>     $ gpg -b -u $KEYID2 file.txt > sig2.gpg
> At this point, just concatenate the two detached sigs:
>     $ cat sig1.gpg sig2.gpg > signatures.gpg

Wouldn't it be easier to just use >>




	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)

More information about the Gnupg-users mailing list