Adding a OpenPGP signature to an already signed document? [closed]

穿精又带淫゛_ 提交于 2019-12-04 13:17:21

问题


We'd like to implement a workflow that requires multiple people to digitallly sign a document. If I have multiple secret keys in my own keychain, I can do something as simple as:

gpg --sign -u userid1 -u userid2 filename

But what do I do if I've got an already signed document and I want to add a signature? One solution would be to have everyone generate detached signatures for the document, and then package them all together in a zip file or something, but the overhead there is substantially higher. Is there a better way?


回答1:


No need to ZIP them: you can simply concatenate detached signatures in a single file and all will be verified one after another.

% gpg -b -u $ID1 -o prova.c.sig1 prova.c
% gpg -b -u $ID2 -o prova.c.sig2 prova.c
% cat prova.c.sig1 prova.c.sig2 >prova.c.sig
% gpg prova.c.sig
gpg: Signature made Mar  1 Set 18:16:09 2009 CEST using RSA key ID $ID1
gpg: Good signature from "Lapo Luchini <lapo@lapo.it>"
gpg: Signature made Mar  1 Set 18:16:25 2009 CEST using RSA key ID $ID2
gpg: Good signature from "Lapo Luchini <lapo@lapo.it>"

I have verified that this works as well with ASCII-armored files tough in that case the output file size is sub-optimal since the header is repeated for each signature and it might be better to first concatenate the binary signatures and them ASCII-armor the whole thing.

I don't know OpenPGP format well enough to be sure, but I guess you can probably also have a software that, given a file and some detached signatures, makes a single attached signature with the signature packets extracted from all of them, though that would need more time to be implemented (if at all possible: maybe there are different packets for attached and detached signatures and one can't be converted in the other, but I would bet the packet is only one type).



来源:https://stackoverflow.com/questions/1202508/adding-a-openpgp-signature-to-an-already-signed-document

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!