--verify --status-fd separator for multiple signatures?

Patrick Schleizer patrick-mailinglists at whonix.org
Fri Mar 20 19:41:10 CET 2015

Werner Koch:
> On Thu, 19 Mar 2015 18:39, patrick-mailinglists at whonix.org said:
>> when using --verify combined with --status-fd [or --status-file], how
>> can one notice in scripts, that processing the one signature is done and
>> that further status-fd messages belong to the next message?
> That is unfortunately a bit complicated due to different behaviour in
> gpgsm and gpg.  I suggest to do what we do in gpgme/src/verify.c .  Of
> course if would be useful to make sure that NEWSIG is also emitted by
> gpg but you also need to take care of older gpg versions.
> I assume adding NEWSIG to gpg has simply be forgotten.

Well, I don't speak C, so I can't make head or tail of "what we do in

Maybe let's put it this way. If there is no guarantee to get a NEWSIG or
other separator... Is there a limited combination of start and end keywords?

What I mean... Here is an example...

start: [GNUPG:] ERRSIG [...]
end__: [GNUPG:] NODATA [...]

start: [GNUPG:] SIG_ID [...]
end__: [GNUPG:] TRUST_[...]

start: [GNUPG:] ERRSIG [...]
end__: [GNUPG:] NO_PUBKEY [...]

Is there a complete list of all possible start/end keyword combinations?


More information about the Gnupg-users mailing list