Is signing a file with multiple keys possible
thomas.jarosch at intra2net.com
Sat Mar 24 14:19:25 CET 2018
On 03/24/2018 02:04 AM, Dirk Gottschalk via Gnupg-users wrote:
>>> Is it possible to sign a file with multiple keys?
>> Yes. Slightly lower-level operations than normal signing, but not by
>> much, you just need to know about enarmor/dearmor and how signatures
>> put together.
> Thank you very much. It's like chaining up PEM Certs in OpenSSL. Why
> didn't I even think about this? The Format is so similar.
it's even easier when two or more people sign at the same time,
just supply "-u KEYID" multiple times.
At $dayjob our software updates are signed with two smartcards
(four eye principle). Here's the relevant part from the sign script:
gpg_cmd = ['/usr/bin/gpg2', '--personal-digest-preferences', 'sha256']
for gpg_id in gpg_sign_ids:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 236 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users