--verify --status-fd separator for multiple signatures?
Patrick Schleizer
patrick-mailinglists at whonix.org
Fri Mar 20 19:41:10 CET 2015
Werner Koch:
> On Thu, 19 Mar 2015 18:39, patrick-mailinglists at whonix.org said:
>
>> when using --verify combined with --status-fd [or --status-file], how
>> can one notice in scripts, that processing the one signature is done and
>> that further status-fd messages belong to the next message?
>
> That is unfortunately a bit complicated due to different behaviour in
> gpgsm and gpg. I suggest to do what we do in gpgme/src/verify.c . Of
> course if would be useful to make sure that NEWSIG is also emitted by
> gpg but you also need to take care of older gpg versions.
>
> I assume adding NEWSIG to gpg has simply be forgotten.
Well, I don't speak C, so I can't make head or tail of "what we do in
gpgme/src/verify.c".
Maybe let's put it this way. If there is no guarantee to get a NEWSIG or
other separator... Is there a limited combination of start and end keywords?
What I mean... Here is an example...
start: [GNUPG:] ERRSIG [...]
end__: [GNUPG:] NODATA [...]
start: [GNUPG:] SIG_ID [...]
end__: [GNUPG:] TRUST_[...]
start: [GNUPG:] ERRSIG [...]
end__: [GNUPG:] NO_PUBKEY [...]
Is there a complete list of all possible start/end keyword combinations?
Cheers,
Patrick
More information about the Gnupg-users
mailing list