Funky little bug

Jason Gunthorpe jgg at ualberta.ca
Sun Sep 19 13:48:47 CEST 1999


I would like to batch process some signatures, basically to identify which
key was used to sign each file, now I figured I could just do this:

cat *.dsc | gpg --keyring ~troup/debian-keyring/debian-keyring.pgp
--load-extension rsaref --with-colons --status-fd 3 --always-trust 3>
/tmp/t

And I'd get a nice ordered list of the signatures in /tmp/t -
unfortunately something goes wrong and every single file except for the
last one gets a bad signature: 

[..]
gpg: Signature made Sat Mar  7 13:08:51 1998 CST using RSAREF key ID B98D36A9
gpg: BAD signature from "David Frey <david at eos.lugs.ch>"
gpg: Signature made Thu Feb 11 10:48:39 1999 CST using RSAREF key ID 965C6A7D
gpg: BAD signature from "Johnie Ingram <johnie at netgod.net>"
gpg: Signature made Sun Aug 30 22:06:52 1998 CDT using RSAREF key ID 788CD1A9
gpg: BAD signature from "Turbo Fredriksson <turbo at junk.nocrew.org>"
gpg: Signature made Sun Oct  4 10:52:16 1998 CDT using RSAREF key ID F8D04A85
gpg: Good signature from "Martin Bialasinski <martinb at debian.org>"

Also, Werner, here is another instance when having gpg process multiple
files on the command line would be -extremely- nice. I need to have gpg
scan about 2000 of these files, so ideally I'd invoke it with all of the
filenames on the command line, it would scan each of them and on the
status-fd it would output a little note every time it changes files. This
would make it really easy to do a number of verification/identification 
tasks on say FTP archives.

I could just invoke gpg for every file, but that's lots slower :<

Thanks,
Jason



More information about the Gnupg-devel mailing list