File: gpgme.info, Node: UI Server Verify, Next: UI Server Set Input Files, Prev: UI Server Decrypt, Up: UI Server Protocol A.4 UI Server: Verify a Message =============================== The server needs to support the verification of opaque signatures as well as detached signatures. The kind of input sources controls what kind message is to be verified. -- Command: MESSAGE FD=N This command is used with detached signatures to set the file descriptor for the signed data to N. The data is binary encoded (used verbatim). For details on the file descriptor, see the description of ‘INPUT’ in the ‘ENCRYPT’ section. -- Command: INPUT FD=N Set the file descriptor for the opaque message or the signature part of a detached signature to N. The message send to the server is either binary encoded or – in the case of OpenPGP – ASCII armored. For details on the file descriptor, see the description of ‘INPUT’ in the ‘ENCRYPT’ section. -- Command: OUTPUT FD=N Set the file descriptor to be used for the output. The output is binary encoded and only used for opaque signatures. For details on the file descriptor, see the description of ‘INPUT’ in the ‘ENCRYPT’ section. The verification is then started using: -- Command: VERIFY --protocol=NAME [--silent] NAME is the signing protocol used for the message. For a description of the allowed protocols see the ‘ENCRYPT’ command. This argument is mandatory. Depending on the combination of ‘MESSAGE’ ‘INPUT’ and ‘OUTPUT’ commands, the server needs to select the appropriate verification mode: MESSAGE and INPUT This indicates a detached signature. Output data is not applicable. INPUT This indicates an opaque signature. As no output command has been given, the server is only required to check the signature. INPUT and OUTPUT This indicates an opaque signature. The server shall write the signed data to the file descriptor set by the output command. This data shall even be written if the signatures can’t be verified. With ‘--silent’ the server shall not display any dialog; this is for example used by the client to get the content of opaque signed messages. The client expects the server to send at least this status information before the final OK response: -- Status line: SIGSTATUS FLAG DISPLAYSTRING Returns the status for the signature and a short string explaining the status. Valid values for FLAG are: ‘none’ The message has a signature but it could not not be verified due to a missing key. ‘green’ The signature is fully valid. ‘yellow’ The signature is valid but additional information was shown regarding the validity of the key. ‘red’ The signature is not valid. DISPLAYSTRING is a percent-and-plus-encoded string with a short human readable description of the status. For example S SIGSTATUS green Good+signature+from+Keith+Moon+Note that this string needs to fit into an Assuan line and should be short enough to be displayed as short one-liner on the clients window. As usual the encoding of this string is UTF-8 and it should be send in its translated form. The server shall send one status line for every signature found on the message.