Verifying Sender to Signature
Werner Koch
wk@gnupg.org
Wed Aug 29 21:57:02 2001
On Wed, 29 Aug 2001 15:14:17 -0400, Jason Power said:
> It decrypts the file and tells me "Mary" signed it. I can't come up with a
> way to tell this from a batch file. I want to be able to reject the file
awk(1) is your friend. Example:
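# $pgm and do_exit are defined by the surrounding script (not shown here).
# Clear the variables first so values inherited from the environment
# cannot pass the check below.
signed_by= sig_id= sig_date=
# gpg writes its status lines to fd 1; awk turns the VALIDSIG and SIG_ID
# lines into shell assignments, which eval then executes.
eval `gpg --batch -o "$tarball" --status-fd 1 "$datafile" 2>/dev/null | awk '
/^\[GNUPG:\] VALIDSIG/ { print "signed_by=" $3 ";" }
/^\[GNUPG:\] SIG_ID/ { print "sig_id=" $3 "; sig_date=" $4 ";" }
'`
echo "$pgm: signed_by=$signed_by"
echo "$pgm: sig_id=$sig_id sig_date=$sig_date"
if [ -z "$signed_by" ]; then
  echo "$pgm: $tarball has no valid signature." >&2
  do_exit 1
fi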
This decrypts the file in $datafile, puts the output into the file
named $tarball and sets some environment variables. The script then
goes on to print the name and fingerprints of the signer.
The script can be made much better and more secure, but you got the idea.
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus
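
Added example, not part of the original message and not code from GnuPG: one way to reject a file unless it was signed by an expected key, reading the same --status-fd lines without eval. The names ALLOWED_FPRS, check_status and verify_and_decrypt are hypothetical, and the fingerprint is a constructed placeholder.

```shell
#!/bin/sh
# Hypothetical allowlist: fingerprints exactly as gpg reports them in VALIDSIG
# (constructed value, replace with the real signer's fingerprint).
ALLOWED_FPRS="0123456789ABCDEF0123456789ABCDEF01234567"

# Read gpg --status-fd output on stdin. Succeed, printing the signer
# fingerprint(s), only if at least one VALIDSIG is present, every VALIDSIG
# fingerprint is on the allowlist, and no failure status was reported.
check_status() {
    awk -v allowed="$ALLOWED_FPRS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 != "[GNUPG:]" { next }          # ignore anything that is not a status line
        $2 == "VALIDSIG" {
            if ($3 in ok) { valid++; fprs = fprs $3 "\n" } else bad++
        }
        # Policy choice: bad, unverifiable, expired-key and revoked-key signatures all reject.
        $2 == "BADSIG" || $2 == "ERRSIG" || $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" { bad++ }
        END {
            if (valid > 0 && bad == 0) { printf "%s", fprs; exit 0 }
            exit 1
        }'
}

# usage: verify_and_decrypt <signed-input> <plaintext-output>
# Same gpg invocation as in the message; the plaintext is deleted on rejection.
verify_and_decrypt() {
    if signer=$(gpg --batch -o "$2" --status-fd 1 "$1" 2>/dev/null | check_status); then
        echo "accepted: signed by $signer"
    else
        rm -f -- "$2"
        echo "rejected: no valid signature from an allowed key" >&2
        return 1
    fi
}
```

Comparing the full fingerprint rather than the user ID shown by gpg matters here, because anyone can create a key whose user ID says "Mary".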