Extracting a single signature from a file containing multiple signatures

Derek Price derek at ximbiot.com
Wed Sep 21 17:52:08 CEST 2005


Say `gpg --detach-sign' were used to create several detached signatures
and they were concatenated into the same file.  Is there a simple way to
separate those signatures again?  Is there documentation of the gpg
signature file format online?

(I am looking into allowing CVS revisions to be signed in the CVS
repository, potentially by multiple users, and I want to know if I can
store multiple signatures in a single binary string (I know that gpg
--verify can handle this) or if I need to keep them separate, to allow
for admins to later delete single, possibly expired, signatures from the
signature blob by keyid.  Once I get the signatures separated again, I
can exec gpg to extract the keyid, but if I cannot separate them, this
won't work to find and delete a single signature from the blob.)

Thanks,

Derek

-- 
Derek R. Price
CVS Solutions Architect
Ximbiot <http://ximbiot.com>
v: +1 717.579.6168
f: +1 717.234.3125
<mailto:derek at ximbiot.com>





More information about the Gnupg-users mailing list