verifying signature after decryption
vedaal at hush.com
vedaal at hush.com
Mon Apr 26 19:48:41 CEST 2004
>Message: 5
>Date: Sun, 25 Apr 2004 04:24:17 -0400 (EDT)
>From: Atom 'Smasher' <atom-gpg at suspicious.org>
>Subject: verifying signature after decryption
>alice sends me (and only me) a message that's signed+encrypted.
>i need to
>show bob that this message is signed by alice.
[...]
>question: is there a way to extract the signed message, including
>the
>signature, from an encrypted message?
>
>in other words, can i take alice's signed+encrypted message, and
>pass it
>to bob either in plaintext or encrypted to bob's key, while still
>maintaining alice's signature over her message?
>
>of course, it must be ~possible~ to do this, but is there any ~practical~
>way to do this?
yes,
but not (yet) with gnupg,
but very easily, for 'any' key type/signature hash/ or symmetric algorithm,
by using a pgp command-line program called
'filecrypt'
{the free demo download is all that is needed}
detailed example description is here:
http://www.angelfire.com/pr/pgpf/fcs.html
'filecrypt'
is here:
http://www.veridis.com/openpgp/en/index.asp#.html
hth,
vedaal
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
More information about the Gnupg-users
mailing list