GPG file seperation

Werner Koch wk at gnupg.org
Thu Feb 23 15:28:54 CET 2012


On Thu, 23 Feb 2012 00:12, houseurmusic at gmail.com said:

> My question is there a way I can use gpg through the command line to
> decrypt a concatenated file of gpg encrypted entities.

We removed such feature a long time ago because it made it too easy to
fake signature status information.  This has to do with the various
allowed formats for a signature and the general problem to synchronize
the status information with the actual data.

> If there is no way this can work, my other idea would require me inserting
> some kind of footer so I can tell when the gpg file ends. Is there a
> character I can use that guaranteed not to be used by GPG?

No you can't.  Encrypted data is random and thus any sequence of
delimiters you want to use may also be part of the payload.

I am not sure whether I understood your question, but anyway: If you
look at the packet structure and the partial length encoding as used by
OpenPGP, you may find a way to re-pack them as you like.  Check out
tools/gpgsplit.c for a basic parser.  It is possible to insert special
marker packets and use them.  In any case you need a wrapper and an
unwrapper process but then it will be easier to use split(1) and cat(1)
directly.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list