--clearsign with file containing --

5468696A6D656E thijmen@xs4all.nl
Tue Mar 18 19:30:01 2003


Thanks for pointing me out to that option, but it doesn't suit my need ei=
ther :-)
I now avoid it, by using --detach-sign, and i reconstruct input and outpu=
t into
a pgp/mime message. Since the content of a pgp/mime signed message
can contain multipart mime, and thus a boundary (which could contain more=
 than
5 dashes), which has to remain intact.

Only problem left is how i can know which hash is used when i
execute --detach-sign.=20
Using --status-fd does not show the hash either.

Only thing i can think of is this:
gpg -a --clearsign -o output input
(get the used hash from the Hash: header)
gpg -a --detach-sign -o output input
(use hash, input and output to construct a rfc 3156 signature)

Am i missing something obvious to make this easier?

Th.

On Tue, Mar 18, 2003 at 12:32:37PM -0500, Todd wrote:
>=20
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>=20
> 5468696A6D656E wrote:
> > As you can see, gpg altered the input and prepended a "-" character.
> >
> > Is there any way i can prevent gpg of altering the input data?
> > Why is it doing it anyway? I dont want to use --sign in this particul=
ar
> > case, only --clearsign suits my need.
>=20
> - From the fine manual:
>=20
>        --not-dash-escaped
>                  This option changes the  behavior  of  cleartext
>                  signatures  so  that  they can be used for patch
>                  files. You should not send such an armored  file
>                  via  email  because  all spaces and line endings
>                  are hashed too.  You can not use this option for
>                  data  which  has  5 dashes at the beginning of a
>                  line, patch files don't  have  this.  A  special
>                  armor header line tells GnuPG about this cleart=AD
>                  ext signature option.
>=20
> It's not something you want to use except for patch files, basically.  =
I
> don't think any OpenPGP apps other than gpg handle it correctly.  Perha=
ps
> someone else can tell you for sure about that.
>=20
> - --=20
> Todd              OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tm=
z/pgp
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D
> The trouble with opportunity is that it always comes disguised as hard =
work.
>     -- Herbert V. Prochnow
>=20
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
>=20
> iD8DBQE+d1g1uv+09NZUB1oRApyaAJwLAlVXHKK6z1bbNNr1HTc2RN7SggCcCgLe
> 5sGnYFMX5b7mvpTZhDgaRg0=3D
> =3D6d04
> -----END PGP SIGNATURE-----
>=20
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

--=20
__Thijmen Klok________