[pkg-gnupg-maint] Bug#826405: --with-colons output is not forced to UTF-8 in error messages
Enrico Zini
enrico at debian.org
Sun Jun 5 13:40:24 UTC 2016
On Sun, Jun 05, 2016 at 03:04:07PM +0200, Werner Koch wrote:
> On Sun, 5 Jun 2016 13:24, enrico at debian.org said:
>
> > However, given a file with a bad signature, I still need
> > --display-charset utf-8 to get utf-8 output regardless of locale:
>
> Use --status-fd 2. --with-colons is only used for keylistings. Error
> messages etc. are send to the status fd, prefixed with "[GNUPG:]".
> Ignore all other output to stderr.
In production code I actually use this to verify signature on
clearsigned text submitted via a web form:
1. I create a temporary directory and use it also as a blank gnupg
homedir
2. I import the trusted key into it, taken from the user database,
where only the key matching the user-provided fingerprints actually
gets imported
3. /usr/bin/gpg --homedir …/data/tmp_keyrings/tmpKG5IVZ -q --no-options --no-auto-check-trustdb --trust-model always --with-colons --fixed-list-mode --with-fingerprint --no-permission-warning --no-tty --batch --display-charset utf-8 --status-fd 3 --logger-fd 4 --decrypt …/data/tmp_keyrings/tmpKG5IVZ/data.txt
The actual function is at http://anonscm.debian.org/cgit/nm/nm2.git/tree/keyring/models.py#n159
Indeed, out of habit, in case gnupg exited with nonzero error code I was
looking at stderr instead of the status-fd.
Enrico
--
GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <enrico at enricozini.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20160605/3671d87e/attachment.sig>
More information about the pkg-gnupg-maint
mailing list