Properly communicate message structure from streaming Verifier/Decryptor
Neal writes:
Because I think the behavior of VerificationHelper and DecryptVerificationHelper should be the same, I was thinking of a sign+encrypt+sign message, which is used by WKS:
[ OPS [ SEIP [ OPS [ COMPRESSED [ LITERAL ] ] SIG MDC ] SIG ]
In this case, we have two "groups" of signatures: one inside the encrypted container and one outside it. I was thinking that we would call check after processing each signature group. But, I guess we could just collect the signature results and only call check once we know there are no more signatures, e.g., when we hit EOF. I actually like this, because we can communicate the message structure in the check callback and it is easy to figure out what each signature group protects.
Since an OpenPGP message format is relatively simple, we can summarize each level as a single element in a simple, flat vector. For instance, the above message might be communicated as: [ SIGNATURES ENCRYPTION SIGNATURE LITERAL ]. In this case, I left out the compressed data container, which is never unimportant, I think.
Justus replies:
Ah, but in your example, the inner signatures have a different depth than the outer ones (as opposed to signatures in different signature groups that have the same depth).
Thinking about it, [OPS, CompressedData [OPS, Literal, Signature], Signature] is valid too, with no encryption in sight.
See also #94 (closed).
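
The flat summary discussed in this thread, as an added example that is not part of the original discussion or of Sequoia's code: it flattens both quoted message shapes into one layer vector, with and without the compression layer. All type and function names are hypothetical. With compression dropped, the second message yields two adjacent signature groups and nothing between them to mark the change in depth.

```rust
// Added illustration: every type and function name here is hypothetical,
// not Sequoia's API.
#[derive(Debug, PartialEq)]
enum Packet { Ops, Sig, Mdc, Literal, Compressed(Vec<Packet>), Seip(Vec<Packet>) }

#[derive(Debug, PartialEq)]
enum Layer { Signatures(usize), Encryption, Compression, Literal }

// Walk one nesting level. Signatures found at this level form one group,
// emitted before the container they protect.
fn walk(level: &[Packet], keep_compression: bool, out: &mut Vec<Layer>) {
    let sigs = level.iter().filter(|p| matches!(p, Packet::Sig)).count();
    if sigs > 0 {
        out.push(Layer::Signatures(sigs));
    }
    for p in level {
        match p {
            Packet::Seip(inner) => {
                out.push(Layer::Encryption);
                walk(inner, keep_compression, out);
            }
            Packet::Compressed(inner) => {
                if keep_compression {
                    out.push(Layer::Compression);
                }
                walk(inner, keep_compression, out);
            }
            Packet::Literal => out.push(Layer::Literal),
            Packet::Ops | Packet::Sig | Packet::Mdc => {}
        }
    }
}

fn summarize(msg: &[Packet], keep_compression: bool) -> Vec<Layer> {
    let mut out = Vec::new();
    walk(msg, keep_compression, &mut out);
    out
}

// Constructed inputs: the two message shapes quoted in the thread.
fn sign_encrypt_sign() -> Vec<Packet> {
    use Packet::*;
    vec![Ops, Seip(vec![Ops, Compressed(vec![Literal]), Sig, Mdc]), Sig]
}

fn sign_compress_sign() -> Vec<Packet> {
    use Packet::*;
    vec![Ops, Compressed(vec![Ops, Literal, Sig]), Sig]
}
```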