Next: , Previous: , Up: UI Server Protocol   [Contents][Index]


A.3 UI Server: Decrypt a Message

Decryption may include the verification of OpenPGP messages. This is due to the often used combined signing/encryption modus of OpenPGP. The client may pass an option to the server to inhibit the signature verification. The following two commands are required to set the input and output file descriptors:

Command: INPUT FD=n

Set the file descriptor for the message to be decrypted to n. The message send to the server is either binary encoded or — in the case of OpenPGP — ASCII armored. For details on the file descriptor, see the description of INPUT in the ENCRYPT section.

Command: OUTPUT FD=n

Set the file descriptor to be used for the output. The output is binary encoded. For details on the file descriptor, see the description of INPUT in the ENCRYPT section.

The decryption is started with the command:

Command: DECRYPT --protocol=name [--no-verify] [--export-session-key]

name is the encryption protocol used for the message. For a description of the allowed protocols see the ENCRYPT command. This argument is mandatory. If the option --no-verify is given, the server should not try to verify a signature, in case the input data is an OpenPGP combined message. If the option --export-session-key is given and the underlying engine knows how to export the session key, it will appear on a status line