Extract signature key ID with gpgme

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jan 11 14:48:19 CET 2018


On Thu 2018-01-11 16:19:10 +1000, Allan McRae wrote:

> I am looking for a way to extract the issuer key ID from a signature
> file using gpgme without firstly having verified the signature.
> Basically, doing something like what gpg --list-packets does.
>
> My software current has a homemade sig file parser that extracts the key
> ID from a number of signature files, then it confirms all needed keys
> are in the keyring before going onto verify the files.  I'd like to
> replace the homemade parser with something more robust.

I don't see a way to do this with gpgme besides first trying to verify
the signature, parsing the results, and using the info from those parsed
results.

But i can see why you'd want to do this, particularly if the thing
signed is large and potentially expensive to verify.  anyway, i've
opened an issue to track this feature request:

   https://dev.gnupg.org/T3734

regards,

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180111/3de9f200/attachment.sig>


More information about the Gnupg-users mailing list