Signing a message

88 views
Skip to first unread message

Jim Klo (SRI)

unread,
May 4, 2011, 6:43:51 PM5/4/11
to python-gnupg
Hi,

I'm trying to mock up a sample string signature example, and having
some issues:


gpg = gnupg.GPG(gnupghome='/Users/jklo', gpgbinary="/usr/local/bin/
gpg", keyring="/Users/jklo/.gnupg/secring.gpg")

gpgPrefs = {
"keyid" : "E8BC BCB8 994A 293C 10DD CBC5 A8A7 90EA 2204
03B7",
"passphrase" : "Super Secret",
"clearsign" : True
}

msg = "The quick brown fox jumped over the lazy dogs."

s0 = gpg.sign(msg, **gpgPrefs)


I keep getting this same error:
usage: gpg [options] --clearsign [filename]


What might I be doing wrong?


I'm on Mac OS X 10.6.7, Python 2.7, and gpg 1.4.6 & 2.0.17 via MacGPG.

Vinay Sajip

unread,
May 6, 2011, 2:35:25 PM5/6/11
to python-gnupg
On May 4, 11:43 pm, "Jim Klo (SRI)" <jim....@sri.com> wrote:

>
> What might I be doing wrong?
>
> I'm on Mac OS X 10.6.7, Python 2.7, and gpg 1.4.6 & 2.0.17 via MacGPG.

I've only ever tested with gpg 1.4.9 and later, and I haven't been
able to test at all on Mac OS X. Can you get it to work interactively
using only gpg from the shell?

Regards,

Vinay Sajip

Vinay Sajip

unread,
May 7, 2011, 8:32:18 AM5/7/11
to python-gnupg

On May 4, 10:43 pm, "Jim Klo (SRI)" <jim....@sri.com> wrote:

> I keep getting this same error:
>         usage: gpg [options] --clearsign [filename]
>
> What might I be doing wrong?
>
> I'm on Mac OS X 10.6.7, Python 2.7, and gpg 1.4.6 & 2.0.17 via MacGPG.

I managed to test on a Mac OSX system: 10.5.8, Python 2.5, MacGPG
1.4.9. Everything seems to work:

import gnupg
gpg = gnupg.GPG(gnupghome='keys')
print('Generating keys for testing:')
key = generate_key(gpg, "Andrew", "Able", "alpha.com",
passphrase="andy")
andrew = key.fingerprint
data = 'Top secret'
d = {
'keyid': andrew,
'passphrase': 'andy',
}
signed = gpg.sign(data, **d)
assert signed
print('Signed, clearsign:')
print(str(signed))

Note that you don't need to specify clearsign, as that's the default.
Result:

Generating keys for testing:
Signed, clearsign:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Top secret
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAk3FOskACgkQnQwjkB5r1RTJOQCgjzciAI/0Q+QQF0imcgaGQ3M3
n4QAoIrTfg19KTBhYQjc1ZPfnvZb6AUJ
=jAxr
-----END PGP SIGNATURE-----

Regards,

Vinay Sajip

Jim Klo

unread,
May 5, 2011, 12:35:17 AM5/5/11
to python...@googlegroups.com
I solved my problem.

3 issues, I have the wrong directory for gnupghome, don't need to specify the keyring, and was using the fingerprint for keyid.


Jim Klo
Senior Software Engineer
Center for Software Engineering
SRI International



Jim Klo

unread,
May 7, 2011, 10:41:45 AM5/7/11
to python...@googlegroups.com
Hi Vinay,

Thanks, I got it working. It seems private keys cannot be found when you specify the keying file, plus I had the wrong home directory. I could validate, but not sign.

- Jim

Reply all
Reply to author
Forward
0 new messages