Next: , Up: GPGSM Protocol


4.6.1 Encrypting a Message

Before encryption can be done the recipient must be set using the command:

       RECIPIENT userID

Set the recipient for the encryption. userID should be the internal representation of the key; the server may accept any other way of specification. If this is a valid and trusted recipient the server does respond with OK, otherwise the return is an ERR with the reason why the recipient cannot be used, the encryption will then not be done for this recipient. If the policy is not to encrypt at all if not all recipients are valid, the client has to take care of this. All RECIPIENT commands are cumulative until a RESET or an successful ENCRYPT command.

       INPUT FD[=n] [--armor|--base64|--binary]

Set the file descriptor for the message to be encrypted to n. Obviously the pipe must be open at that point, the server establishes its own end. If the server returns an error the client should consider this session failed. If n is not given, this commands uses the last file descriptor passed to the application. See the assuan_sendfd function, on how to do descriptor passing.

The --armor option may be used to advice the server that the input data is in PEM format, --base64 advices that a raw base-64 encoding is used, --binary advices of raw binary input (BER). If none of these options is used, the server tries to figure out the used encoding, but this may not always be correct.

       OUTPUT FD[=n] [--armor|--base64]

Set the file descriptor to be used for the output (i.e. the encrypted message). Obviously the pipe must be open at that point, the server establishes its own end. If the server returns an error he client should consider this session failed.

The option armor encodes the output in PEM format, the --base64 option applies just a base 64 encoding. No option creates binary output (BER).

The actual encryption is done using the command

       ENCRYPT

It takes the plaintext from the INPUT command, writes to the ciphertext to the file descriptor set with the OUTPUT command, take the recipients from all the recipients set so far. If this command fails the clients should try to delete all output currently done or otherwise mark it as invalid. GPGSM does ensure that there will not be any security problem with leftover data on the output in this case.

This command should in general not fail, as all necessary checks have been done while setting the recipients. The input and output pipes are closed.