Validating encrypted files
aolsen at standard.com
Fri Dec 7 22:08:36 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
I have encountered something that does not seem to be covered by any of the FAQs, manuals, or other general hints. I figured I might find a couple of good hints here.
I have a number of files that I have received. I can decrypt them or not. I can check the signature or not.
What I want to do is verify that the file was encrypted and to what keys. I can kludge something together by using --status-fd and grep. I am hoping for something a little more user friendly and/or script friendly.
It is not always obvious that a file is encrypted. I have encountered files that have been signed ascii armored data that look encrypted, but are only encoded. The problem is that it *does* decrypt, but with no hint that it was not encrypted in the first place.
I also occasionally need to verify the integrity of the encryption. (Sometimes we get damaged files. If it is damaged, there is no clear way of telling beforehand.) I believe --verify-files will do this, but it is pretty unclear from reading the docs/man pages. If the file is damaged, the only indication(s) are error messages that mean little or nothing. (I am trying to get the files sent as ascii armored, but that step is many people out of my reach.)
Does --verify-files only verify signatures or will it also check for valid data in the data?
Ideas? Should there be an "--file-info" command that would tell you the state of a file? (Encrypted with what keys, signed by what keys, etc.)
-----BEGIN PGP SIGNATURE-----
Version: 9.5.3 (Build 5003)
-----END PGP SIGNATURE-----
More information about the Gnupg-users