UI Server Verify (The ‘GnuPG Made Easy’ Reference Manual)

A.4 UI Server: Verify a Message

The server needs to support the verification of opaque signatures as well as detached signatures. The kind of input sources controls what kind message is to be verified.

Command: MESSAGE FD=n: This command is used with detached signatures to set the file descriptor for the signed data to n. The data is binary encoded (used verbatim). For details on the file descriptor, see the description of INPUT in the ENCRYPT section.

Command: INPUT FD=n: Set the file descriptor for the opaque message or the signature part of a detached signature to n. The message send to the server is either binary encoded or – in the case of OpenPGP – ASCII armored. For details on the file descriptor, see the description of INPUT in the ENCRYPT section.

Command: OUTPUT FD=n: Set the file descriptor to be used for the output. The output is binary encoded and only used for opaque signatures. For details on the file descriptor, see the description of INPUT in the ENCRYPT section.

The verification is then started using:

Command: VERIFY --protocol=name [--silent]

name is the signing protocol used for the message. For a description of the allowed protocols see the ENCRYPT command. This argument is mandatory. Depending on the combination of MESSAGE INPUT and OUTPUT commands, the server needs to select the appropriate verification mode:

MESSAGE and INPUT: This indicates a detached signature. Output data is not applicable.
INPUT: This indicates an opaque signature. As no output command has been given, the server is only required to check the signature.
INPUT and OUTPUT: This indicates an opaque signature. The server shall write the signed data to the file descriptor set by the output command. This data shall even be written if the signatures can’t be verified.

With --silent the server shall not display any dialog; this is for example used by the client to get the content of opaque signed messages. The client expects the server to send at least this status information before the final OK response:

Status line: SIGSTATUS flag displaystring

Returns the status for the signature and a short string explaining the status. Valid values for flag are:

none: The message has a signature but it could not not be verified due to a missing key.
green: The signature is fully valid.
yellow: The signature is valid but additional information was shown regarding the validity of the key.
red: The signature is not valid.

displaystring is a percent-and-plus-encoded string with a short human readable description of the status. For example

S SIGSTATUS green Good+signature+from+Keith+Moon+<[email protected]>

Note that this string needs to fit into an Assuan line and should be short enough to be displayed as short one-liner on the clients window. As usual the encoding of this string is UTF-8 and it should be send in its translated form.

The server shall send one status line for every signature found on the message.