Verifying Signatures in a Script
Keith Hellman
khellman at mcprogramming.com
Mon Jun 11 18:56:38 CEST 2007
On Sun, Jun 10, 2007 at 10:33:47AM -0700, Dan T. wrote:
> Look into the --status-fd output, I think the VALIDSIG
> value is what you want.
>
> I hope this help.
>
> Dan
>
Just as a follow-up, I pursued Sven's idea and simply created a
specialized directory:
$ mkdir .my_signature
Exported my public key to its location
$ gpg --home ~/.my_signature --import <(gpg --export <my_key_identifier>)
(or something like that...)
And now I simply invoke gpg (or gpgv) from within my script as
if gpg --home ~/.my_signature --verify ${FILE} ; then ...
Works like a charm, it also has a benefit of easily managing the
signatures I want my script to accept, without cluttering up my
script will silly whose-signed-this-thing logic. I just import or
remove the appropriate public keys from ./my_signature's database.
Cheers.
--
Keith Hellman #include <disclaimer.h>
khellman at mcprogramming.com from disclaimer import standard
khellman at mines.edu
-*-
public key @ pgp.mit.edu B5354B76
Y!M: mcprogramming AIM/ICQ: 485403897
gtalk: jabber at mcprogramming.com
-*-
Experience is a harsh teacher. She gives the test before you learn the
lesson.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20070611/cd7fbdea/attachment.pgp
More information about the Gnupg-users
mailing list