
File: gpgme.info,  Node: UI Server Verify,  Next: UI Server Set Input Files,  Prev: UI Server Decrypt,  Up: UI Server Protocol

A.4 UI Server: Verify a Message
===============================

The server needs to support the verification of opaque signatures as
well as detached signatures.  The kind of input sources controls what
kind of message is to be verified.

 -- Command: MESSAGE FD=N
     This command is used with detached signatures to set the file
     descriptor for the signed data to N.  The data is binary encoded
     (used verbatim).  For details on the file descriptor, see the
     description of ‘INPUT’ in the ‘ENCRYPT’ section.

 -- Command: INPUT FD=N
     Set the file descriptor for the opaque message or the signature
     part of a detached signature to N.  The message sent to the server
     is either binary encoded or – in the case of OpenPGP – ASCII
     armored.  For details on the file descriptor, see the description
     of ‘INPUT’ in the ‘ENCRYPT’ section.

 -- Command: OUTPUT FD=N
     Set the file descriptor to be used for the output.  The output is
     binary encoded and only used for opaque signatures.  For details on
     the file descriptor, see the description of ‘INPUT’ in the
     ‘ENCRYPT’ section.

The verification is then started using:

 -- Command: VERIFY --protocol=NAME [--silent]
     NAME is the signing protocol used for the message.  For a
     description of the allowed protocols see the ‘ENCRYPT’ command.
     This argument is mandatory.  Depending on the combination of
     ‘MESSAGE’, ‘INPUT’ and ‘OUTPUT’ commands, the server needs to select
     the appropriate verification mode:

     MESSAGE and INPUT
          This indicates a detached signature.  Output data is not
          applicable.
     INPUT
          This indicates an opaque signature.  As no output command has
          been given, the server is only required to check the
          signature.
     INPUT and OUTPUT
          This indicates an opaque signature.  The server shall write
          the signed data to the file descriptor set by the output
          command.  This data shall even be written if the signatures
          can’t be verified.

   With ‘--silent’ the server shall not display any dialog; this is for
example used by the client to get the content of opaque signed messages.
The client expects the server to send at least this status information
before the final OK response:

 -- Status line: SIGSTATUS FLAG DISPLAYSTRING
     Returns the status for the signature and a short string explaining
     the status.  Valid values for FLAG are:

     ‘none’
          The message has a signature but it could not be verified
          due to a missing key.
     ‘green’
          The signature is fully valid.
     ‘yellow’
          The signature is valid but additional information was shown
          regarding the validity of the key.
     ‘red’
          The signature is not valid.

     DISPLAYSTRING is a percent-and-plus-encoded string with a short
     human readable description of the status.  For example

          S SIGSTATUS green Good+signature+from+Keith+Moon+

     Note that this string needs to fit into an Assuan line and should
     be short enough to be displayed as a short one-liner in the client’s
     window.  As usual the encoding of this string is UTF-8 and it
     should be sent in its translated form.

     The server shall send one status line for every signature found on
     the message.
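
Added example, not part of the GPGME manual or its code: a client-side
sketch in Python that maps the commands given before VERIFY to the
verification mode, parses the SIGSTATUS lines up to the final OK, and
reduces them to one verdict.  The function names, the worst-case
ordering of the flags and the sample response lines are assumptions of
this example.

```python
from urllib.parse import unquote_plus

# Valid FLAG values, ordered best to worst (the ordering is this example's assumption).
FLAGS = ("green", "yellow", "none", "red")

def verification_mode(commands):
    """Select the mode from the commands issued before VERIFY."""
    modes = {
        frozenset({"MESSAGE", "INPUT"}): "detached",
        frozenset({"INPUT"}): "opaque, check only",
        frozenset({"INPUT", "OUTPUT"}): "opaque, write signed data",
    }
    given = frozenset(commands)
    if given not in modes:
        raise ValueError("unsupported command combination: %s" % sorted(given))
    return modes[given]

def parse_sigstatus(lines):
    """Return [(flag, display text)] for every SIGSTATUS line before the final OK."""
    statuses = []
    for line in lines:
        if line == "OK" or line.startswith("OK "):
            return statuses
        if line.startswith("ERR"):
            raise RuntimeError("server reported an error: " + line)
        parts = line.split(" ", 3)
        if parts[:2] != ["S", "SIGSTATUS"]:
            continue  # some other status line
        if len(parts) < 3 or parts[2] not in FLAGS:
            raise ValueError("malformed SIGSTATUS line: " + line)
        # DISPLAYSTRING is percent-and-plus encoded UTF-8: '+' is a space, %XX a byte.
        raw = parts[3] if len(parts) > 3 else ""
        statuses.append((parts[2], unquote_plus(raw, encoding="utf-8", errors="replace")))
    raise RuntimeError("response ended without the final OK")

def overall(statuses):
    """Worst flag over all signatures; None when no signature was reported."""
    if not statuses:
        return None
    return max((flag for flag, _ in statuses), key=FLAGS.index)

# Constructed sample response: two signatures on one message, then the final OK.
SAMPLE = [
    "S SIGSTATUS green Good+signature+from+Alice+Example",
    "S SIGSTATUS none Key+0x%3Cconstructed%3E+not+available",
    "OK",
]
```

Because the server writes the signed data to the OUTPUT descriptor even
if the signatures can’t be verified, a client should base its decision
on the value of overall(), not on the presence of output.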
