How to decrypt a message while preserving the signature?

Mark H Weaver mhw at
Sun Nov 3 08:06:13 CET 2019

Tony Lane wrote:

> On 11/3/19 1:55 AM, Mark H Weaver wrote:
>> I'm asking if there's a way to decrypt the message while preserving the
>> existing signed message.  Of course, this requires the private
>> decryption key, but it should *not* require the private signing key.
> I do not think there is a way to do this. When both '-s' and '-r' options
> are used for some given file, the decryption operation atomically decrypts
> and verifies the file.

"Atomically", really?  I'm aware that the high-level user interface
makes it *appear* to be atomic, but if you actually believe it's atomic,
I think you are demonstrating that your knowledge of cryptography and
OpenPGP formats is even more superficial than my own.

Incidentally, I one of the first developers hired by PGP, Inc, and one
of the authors of PGP 5.x.  I worked with Phil Zimmermann quite closely,
and also with Hal Finney, RIP.  It was the last nonfree software I
worked on, back in the late 1990s.  Obviously, I did not work on the
actual cryptographic operations--my areas were the key management code,
cross-platform layer, API design, and design and production of the
scannable printed source code books that allowed PGP to be legally
exported to Europe for the first time.  Please do not mistake me for a

I'm reading RFC 4880 now, to get my own answers.  Still, I would be
grateful if someone with deeper knowledge would answer my question.


More information about the Gnupg-users mailing list