sqop verify can't handle multiple certificates in a CERTS ("Invalid data type")
In the stateless openpgp draft, a KEY
stream contains exactly one OpenPGP secret key, a CERTS
stream contains 0 or more OpenPGP certificates.
However, sqop verify
fails when presented with a CERTS
stream with more than one certificate in it:
echo test > test.txt
for x in alice bob; do
sqop generate-key $x > $x.key
sqop extract-cert < $x.key > $x.pgp
done
# make an ASCII-armored "keyring" with both alice and bob:
(sqop dearmor < alice.pgp && sqop dearmor < bob.pgp) | sqop armor > certs.pgp
sqop sign alice.key < test.txt > test.txt.asc
sqop verify test.txt.asc alice.pgp < test.txt
sqop verify test.txt.asc certs.pgp < test.txt
the final command yields:
Failed to load key from file "certs.pgp"
because: Invalid data type
note that sqv
does treat this CERTS
stream as a legitimate keyring:
0 $ sqv test.txt.asc test.txt --keyring certs.pgp
FBE0129DD3AF9F7DC198B5BF532C64E65C1B38AE
0 $