How to decrypt a message while preserving the signature?
Mark H Weaver
mhw at netris.org
Sun Nov 3 06:55:03 CET 2019
Tony Lane wrote:
>> Does GnuPG provide a mechanism to decrypt an encrypted-and-signed
>> message in such a way that preserves the original signature, such that
>> the original signature can be independently verified by an arbitrary
>> third-party?
>
> The term you're looking for is a detached signature.
> You can create a detached signature (or any signature, really) only if
> you possess the private key.
I know what a detached signature is. You misunderstood what I'm asking
for.
In simple terms, my understanding is that when you sign-and-encrypt a
message, it is first signed, resulting in a signed message (a message
plus signature), and then the signed message (message plus signature) is
encrypted. The details are likely more complicated, but at a high level
of abstraction, that's my understanding of what's going on. Please
correct me if I'm wrong.
I'm asking if there's a way to decrypt the message while preserving the
existing signed message. Of course, this requires the private
decryption key, but it should *not* require the private signing key.
I can study the details and implement this myself if necessary, but to
save myself precious time and energy, I'm asking if GnuPG already
provides a mechanism to do this. More generally, does there exist free
software to do this?
Thanks,
Mark
More information about the Gnupg-users
mailing list