Before encryption can be done the recipient must be set using the command:
Set the recipient for the encryption. userID should be the
internal representation of the key; the server may accept any other way
of specification. If this is a valid and trusted recipient the server
does respond with OK, otherwise the return is an ERR with the reason why
the recipient cannot be used, the encryption will then not be done for
this recipient. If the policy is not to encrypt at all if not all
recipients are valid, the client has to take care of this. All
RECIPIENT commands are cumulative until a
RESET or an
INPUT FD[=n] [--armor|--base64|--binary]
Set the file descriptor for the message to be encrypted to n. Obviously the pipe must be open at that point, the server establishes its own end. If the server returns an error the client should consider this session failed. If n is not given, this commands uses the last file descriptor passed to the application. See the assuan_sendfd function in the Libassuan manual, on how to do descriptor passing.
--armor option may be used to advice the server that the
input data is in PEM format,
--base64 advices that a
raw base-64 encoding is used,
--binary advices of raw binary
input (BER). If none of these options is used, the server
tries to figure out the used encoding, but this may not always be
OUTPUT FD[=n] [--armor|--base64]
Set the file descriptor to be used for the output (i.e. the encrypted message). Obviously the pipe must be open at that point, the server establishes its own end. If the server returns an error he client should consider this session failed.
The option armor encodes the output in PEM format, the
--base64 option applies just a base 64 encoding. No option
creates binary output (BER).
The actual encryption is done using the command
It takes the plaintext from the
INPUT command, writes to the
ciphertext to the file descriptor set with the
take the recipients from all the recipients set so far. If this command
fails the clients should try to delete all output currently done or
otherwise mark it as invalid.
GPGSM does ensure that there
will not be any
security problem with leftover data on the output in this case.
This command should in general not fail, as all necessary checks have been done while setting the recipients. The input and output pipes are closed.