On Thu, 11 Jan 2018 07:19, al...@archlinux.org said: > I am looking for a way to extract the issuer key ID from a signature > file using gpgme without firstly having verified the signature.
There is no API for this and I am not sure how to do this best. The straightforward method would be to let gpgme run something gpg --dry-run --verify but that might even need changes to gpg. In case you want to do that for a lot of files it might be to slow without changing gpg to be used as a co-process. A dedicated API for and a simple parser in GPGME might really be better. Note that we already have a limited OpenPGP parser in gpgme to implement gpgme_data_identify. > My software current has a homemade sig file parser that extracts the key > ID from a number of signature files, then it confirms all needed keys > are in the keyring before going onto verify the files. I'd like to What is your assumptions on the number of files to test in one go? Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpjgzLOZAemS.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users