File: gpgme.info,  Node: UI Server Decrypt,  Next: UI Server Verify,  Prev: UI Server Sign,  Up: UI Server Protocol

A.3 UI Server: Decrypt a Message
================================

Decryption may include the verification of OpenPGP messages.  This is
due to the often used combined signing/encryption modus of OpenPGP. The
client may pass an option to the server to inhibit the signature
verification.  The following two commands are required to set the input
and output file descriptors:

 -- Command: INPUT FD=N
     Set the file descriptor for the message to be decrypted to N.  The
     message send to the server is either binary encoded or — in the
     case of OpenPGP — ASCII armored.  For details on the file
     descriptor, see the description of ‘INPUT’ in the ‘ENCRYPT’
     section.

 -- Command: OUTPUT FD=N
     Set the file descriptor to be used for the output.  The output is
     binary encoded.  For details on the file descriptor, see the
     description of ‘INPUT’ in the ‘ENCRYPT’ section.

The decryption is started with the command:

 -- Command: DECRYPT --protocol=NAME [--no-verify]
          [--export-session-key]
     NAME is the encryption protocol used for the message.  For a
     description of the allowed protocols see the ‘ENCRYPT’ command.
     This argument is mandatory.  If the option ‘--no-verify’ is given,
     the server should not try to verify a signature, in case the input
     data is an OpenPGP combined message.  If the option
     ‘--export-session-key’ is given and the underlying engine knows how
     to export the session key, it will appear on a status line