Previous: CMS Options, Up: GPGSM Options [Contents][Index]
--extra-digest-algo name
Sometimes signatures are broken in that they announce a different digest
algorithm than actually used. gpgsm
uses a one-pass data
processing model and thus needs to rely on the announced digest
algorithms to properly hash the data. As a workaround this option may
be used to tell gpg to also hash the data using the algorithm
name; this slows processing down a little bit but allows to verify
such broken signatures. If gpgsm
prints an error like
“digest algo 8 has not been enabled” you may want to try this option,
with ‘SHA256’ for name.
--faked-system-time epoch
This option is only useful for testing; it sets the system time back or forth to epoch which is the number of seconds elapsed since the year 1970. Alternatively epoch may be given as a full ISO time string (e.g. "20070924T154812").
--with-ephemeral-keys
Include ephemeral flagged keys in the output of key listings. Note that they are included anyway if the key specification for a listing is given as fingerprint or keygrip.
--debug-level level
Select the debug level for investigating problems. level may be a numeric value or by a keyword:
none
No debugging at all. A value of less than 1 may be used instead of the keyword.
basic
Some basic debug messages. A value between 1 and 2 may be used instead of the keyword.
advanced
More verbose debug messages. A value between 3 and 5 may be used instead of the keyword.
expert
Even more detailed messages. A value between 6 and 8 may be used instead of the keyword.
guru
All of the debug messages you can get. A value greater than 8 may be used instead of the keyword. The creation of hash tracing files is only enabled if the keyword is used.
How these messages are mapped to the actual debugging flags is not specified and may change with newer releases of this program. They are however carefully selected to best aid in debugging.
--debug flags
This option is only useful for debugging and the behaviour may change
at any time without notice; using --debug-levels
is the
preferred method to select the debug verbosity. FLAGS are bit encoded
and may be given in usual C-Syntax. The currently defined bits are:
0 (1)
X.509 or OpenPGP protocol related data
1 (2)
values of big number integers
2 (4)
low level crypto operations
5 (32)
memory allocation
6 (64)
caching
7 (128)
show memory statistics.
9 (512)
write hashed data to files named dbgmd-000*
10 (1024)
trace Assuan protocol
Note, that all flags set using this option may get overridden by
--debug-level
.
--debug-all
Same as --debug=0xffffffff
--debug-allow-core-dump
Usually gpgsm
tries to avoid dumping core by well written code and by
disabling core dumps for security reasons. However, bugs are pretty
durable beasts and to squash them it is sometimes useful to have a core
dump. This option enables core dumps unless the Bad Thing happened
before the option parsing.
--debug-no-chain-validation
This is actually not a debugging option but only useful as such. It
lets gpgsm
bypass all certificate chain validation checks.
--debug-ignore-expiration
This is actually not a debugging option but only useful as such. It
lets gpgsm
ignore all notAfter dates, this is used by the regression
tests.
--fixed-passphrase string
Supply the passphrase string to the gpg-protect-tool. This option is only useful for the regression tests included with this package and may be revised or removed at any time without notice.
--no-common-certs-import
Suppress the import of common certificates on keybox creation.
All the long options may also be given in the configuration file after stripping off the two leading dashes.
Previous: CMS Options, Up: GPGSM Options [Contents][Index]