path: root/doc/gpgme.texi
author: Ingo Klöcker <[email protected]> 2023-12-15 09:05:19 +0000
committer: Ingo Klöcker <[email protected]> 2023-12-19 12:09:33 +0000
commit: 963ace1f9f39f09fee522b996e05d42040b1f4b4 (patch)
tree: 67a375f39ead00e24aea7082ed1163b0bd26c4b7 /doc/gpgme.texi
parent: core: Support direct encryption of file with gpg
core: Support direct signing of file with gpg
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.
* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--

With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.

GnuPG-bug-id: 6550
Diffstat (limited to 'doc/gpgme.texi')
-rw-r--r-- doc/gpgme.texi 17
1 files changed, 16 insertions, 1 deletions
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 0ec70a55..e7a568a3 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -6366,6 +6366,16 @@ A signed archive is created from the given files and directories. This
feature is currently only supported for the OpenPGP crypto engine and requires
GnuPG 2.4.1.
+@item GPGME_SIG_MODE_FILE
+@since{1.24.0}
+
+The filename set with @code{gpgme_data_set_file_name} for the data object
+@var{plain} is passed to gpg, so that gpg reads the plaintext directly from
+this file instead of from the data object @var{plain}. This flag can be
+combined with @code{GPGME_SIG_MODE_NORMAL}, @code{GPGME_SIG_MODE_DETACH},
+and @code{GPGME_SIG_MODE_CLEAR}, but not with @code{GPGME_SIG_MODE_ARCHIVE}.
+This feature is currently only supported for the OpenPGP crypto engine.
+
@end table
@end deftp
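Review bot: The new @item GPGME_SIG_MODE_FILE entry does not say what happens when the flag is set but no file name has been set on @var{plain} with gpgme_data_set_file_name; please state whether that case is an error or falls back to reading the data object. Since the text says gpg reads the plaintext from the file "instead of from the data object @var{plain}", it would also help to spell out the consequence for callers: the bytes that get signed are whatever gpg finds at that path when it opens it, and any content held in @var{plain} is not used, so the two are not guaranteed to match.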
@@ -6379,7 +6389,12 @@ if that is not set, by the encoding specified for @var{sig}), the text
mode attributes set for the context @var{ctx} and the requested signature
mode @var{mode}.
-If signature mode @code{GPGME_SIG_MODE_ARCHIVE} is requested, then a
+If the signature mode flag @code{GPGME_SIG_MODE_FILE} is set and a filename
+has been set with @code{gpgme_data_set_file_name} for the data object
+@var{plain}, then this filename is passed to gpg, so that gpg reads the
+plaintext directly from this file instead of from the data object @var{plain}.
+
+If signature mode @code{GPGME_SIG_MODE_ARCHIVE} is requested then a
signed archive is created from the files and directories given as
NUL-separated list in the data object @var{plain}. The paths of the files
and directories have to be given as paths relative to the current working
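Review bot: The last changed line drops the comma from "is requested, then a" (now "is requested then a"), which looks unrelated to this change and is inconsistent with the "..., then this filename is passed to gpg" wording of the paragraph added directly above it; I would restore the comma. The added paragraph also repeats the @item GPGME_SIG_MODE_FILE description almost word for word while leaving out the two limits given there (OpenPGP engine only, not combinable with GPGME_SIG_MODE_ARCHIVE), so either cross-reference the table entry or repeat those limits here.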