On 1/14/2021 10:37 AM, ved...@nym.hush.com wrote:
On 1/14/2021 at 4:47 AM, "Ayoub Misherghi via Gnupg-users" <gnupg-users@gnupg.org> wrote:


I am encrypting and signing documents with myself as the receiver. Nobody else will want to look inside them. Is it possible to add encrypted comments or other information to a separated signature file; and later retrieve this additional information? I want to be able to decrypt the signature file alone and retrieve all the information I put inside it.


=====

Not exactly, 

but functionally, yes, it can be done.


[1] Armor the signature file    (   gpg --armor filename.sig  )   this outputs to filename.sig.asc


[2[ Armor your encrypted comments, and copy them to the end of the filename.sig.asc,

(leave one blank line between the pgp footer of the signature file, and the pgp header of the encrypted file)


[3] Save the whole thing as filename.sig.asc


[4] gpg filename.sig,asc  will automatically verify the sig if the original signed file 'filename' is present, and also decrypt the added comments


vedaal

=====

I have the concern that if this is not part of GPG, future versions of GPG may not allow it; leaving me in the lurch.


I have these questions:

[Q1] Does this mean "filename.sig.asc" will still be decrypted if "filename" is not present?

[Q2] Is there a reason why the functionality is missing from GPG?

[Q3] The references I find on the internet are directed at users of GPG and not

developers of applications of GPG, can you  please direct me to references that

show me things like the format of the signature file, armor and not?


Thanks,

Ayoub


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to