Multiple signatures
David Shaw
dshaw at jabberwocky.com
Mon Oct 3 23:59:59 CEST 2011
On Oct 3, 2011, at 1:49 PM, pet jemen wrote:
> Hi,
>
> I want to sign binary data in OpenPGP Message Format.
> I want sign it by two or more keys.
> According to http://tools.ietf.org/html/rfc4880#section-5.4 it seems it is possible.
> (A one-octet number holding a flag showing whether the signature is nested. A zero value indicates that the next packet is another One-Pass Signature packet that describes another signature to be applied to the same message data.)
>
> I'd like to use gpg from command-line to sign an input file by two keys.
> I tried to sign it by:
> gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test1 (test1) <test1 at test1.org>" -o %1.signed --sign %1
> gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u "test2 (test2) <test2 at test2.org>" -o %1.signed2 --sign %1.signed
>
> But the second signature signed the first one also with the first signature.
> I need to sign it in way were I can verify signature of signed data by both keys (the last octet of One-Pass Signature Packets (Tag 4) packet should be equal to zero).
Just repeat -u as many times as you need:
gpg -u the-first-key -u the-second-key -u the-third-key -u etc --sign thefile
David
More information about the Gnupg-users
mailing list