On 05/09/18 16:29, Fiedler Roman wrote:
> Apart from that, is not the
>
> [GNUPG:] VALIDSIG 25CE8B1D52A5B231543F8D660EE7BE094144A67F 2018-09-05
> 1536157493 0 4 0 1 8 00 25CE8B1D52A5B231543F8D660EE7BE094144A67F
>
> more suited for checking?
Generally: no. It just indicates the signature is
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 05/09/18 10:45, Fiedler Roman wrote:
> > * Decrypt and verify with gpg1 on receiver side:
> >
> > /usr/bin/gpg1 --no-options --homedir Receiver --no-default-keyring --
> keyring Sender/SenderKey.pub --lock-never --trust-model always
On 05/09/18 10:45, Fiedler Roman wrote:
> * Decrypt and verify with gpg1 on receiver side:
>
> /usr/bin/gpg1 --no-options --homedir Receiver --no-default-keyring --keyring
> Sender/SenderKey.pub --lock-never --trust-model always --batch
> --display-charset utf-8 --status-fd 2 --decrypt
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Wed, 5 Sep 2018 10:45, roman.fied...@ait.ac.at said:
>
> > No, this is a signed AND encrypted message. Can gpgv only be
> > used to verify signatures on signed-only but not signed AND
> > encrypted messages, maybe due to encrypt AFTER sign
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Tue, 4 Sep 2018 18:31, roman.fied...@ait.ac.at said:
>
> > At which byte offset should I find the signer key fingerprint?
>
> That is an encrypted message and thus can you seen the the signature.
That is good, one more issue not having to care
On Tue, 4 Sep 2018 18:31, roman.fied...@ait.ac.at said:
> At which byte offset should I find the signer key fingerprint?
That is an encrypted message and thus can you seen the the signature.
>> Leaving this out would not help because it is easy to
>> figure out the key by trial verification
On Wed, 5 Sep 2018 10:45, roman.fied...@ait.ac.at said:
> No, this is a signed AND encrypted message. Can gpgv only be
> used to verify signatures on signed-only but not signed AND
> encrypted messages, maybe due to encrypt AFTER sign scheme?
Correct. The signature is encrypted and thus it
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
> ...
> $ gpgv --keyring ./key.gpg data.gpg
>
> > Splitting up the message gives me
> >
> > 01-001.pk_enc
> > 02-018.encrypted_mdc
>
> This is an encrypted message. gpgv can't do anything with it.
No, this is a signed AND encrypted
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 18:31, Fiedler Roman wrote:
> > /usr/bin/gpgv --status-fd 2 --homedir /proc/self/fd/nonexistent --keyring
> sign.pub /proc/self/fd/0
>
> You missed my point. You are not including a slash in the keyring
> argument, so gpgv is
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Tue, 4 Sep 2018 10:08, roman.fied...@ait.ac.at said:
>
> > [GNUPG:] UNEXPECTED 0
>
> The signature is corrupted in that it has a packet which is expected
> only in a key. Or the provided key has a data signature packet etc.
I hope not :-) If any
On Tue, 4 Sep 2018 10:08, roman.fied...@ait.ac.at said:
> [GNUPG:] UNEXPECTED 0
The signature is corrupted in that it has a packet which is expected
only in a key. Or the provided key has a data signature packet etc.
How did you create the keyfile and the signature?
> Could it be, that
On Tue, 4 Sep 2018 09:52, roman.fied...@ait.ac.at said:
> Werner gave a good solution in another followup message. May I recommend
> updating the online docu/man page for "--verify" with something like this?
we have
Note: Sometimes the use of the @command{gpgv} tool is easier than
using
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 15:22, Peter Lebbing wrote:
> > I don't understand, could you give commands, expected behaviour and
> > actual output?
>
> To clarify, I thought you were giving an example of "starting gpgv
> without any keyring at all",
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 09:52, Fiedler Roman wrote:
> > Maybe the current hammer documentation should be updated, to remove
> > the "--use-as-hammer" options? Or at least declare, that they shall not
> > be used that way. See:
> >
> >
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Mon, 3 Sep 2018 19:25, pe...@digitalbrains.com said:
>
> > It could be that recently an option was added to check a signature by a
> > certificate in a file, but in general you need to import a certificate
>
> No, that is nlot the case. We only
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 03/09/18 18:56, Fiedler Roman wrote:
> > With gpg1 a similar command should have verified, that the signature
> > is exactly from the single public key stored in "key.pub".
>
> This has never been a supported use of gpg, it just happened
On Mon, 3 Sep 2018 19:25, pe...@digitalbrains.com said:
> It could be that recently an option was added to check a signature by a
> certificate in a file, but in general you need to import a certificate
No, that is nlot the case. We only added the option -f to encrypt to a
key taken from a
On 03/09/18 18:56, Fiedler Roman wrote:
> With gpg1 a similar command should have verified, that the signature
> is exactly from the single public key stored in "key.pub".
This has never been a supported use of gpg, it just happened to work
because GnuPG 1.4 happened to use a bunch of exported
Hello List,
Just for the records: a gnupg2 "ERROR key_generate 33554531" is fixed by
sending " %no-protection" via the command-fd. It seems that a password-less key
was generated with gpg1 just by not setting a password. With gnupg2 this
command is needed.
@Devs: It would be really nice to
19 matches
Mail list logo