Encrypt a signed text

vedaal at nym.hush.com vedaal at nym.hush.com
Mon Jul 7 18:49:41 CEST 2014

On 7/7/2014 at 10:42 AM, "Walter Lange" <trial at gmx.org> wrote:

>I would like to encrypt a signed (with ASCII armor) text. It 
>should take
>two steps, because I want to use two different machines, a local 
>one to
>sign and a remote machine which encrypts. The result should be the 
>as the encrypted and signed one in one step. Is that possible?


Not the way you want it.

It will have the same end result, in that the signature can be verified, on the same text,
and the decryption will show the text and verify the signature,

But in the case where it is a one step process, the decrypted plaintext will not have the signature as part of the text.

The other way is possible.

It is possible to encrypt and sign as one step, and then armor the signature and attach it to the decrypted plaintext to make it look like it was first clearsigned, or armored signed, and then encrypted.

The problem with doing it the way you want, is that while it is possible to remove the signature and save it as a detached signature,
it is not (afaik) possible to bind that detached signature to the plaintext and have it encrypted as one process. I would need to be zipped together or otherwise connected first.


More information about the Gnupg-users mailing list