using verify over stdin
David Shaw
dshaw@jabberwocky.com
Tue Nov 5 00:44:02 2002
On Mon, Nov 04, 2002 at 02:57:47PM -0800, Justin Karneges wrote:
> > gpg --enable-special-filenames --verify - '-&5' <sig 5<data
> >
> > With --enable-special-filenames you may - at most places - give an
> > open file descriptor number prefixed with "-&" instead of a filename.
> > "-" is the usual abbreviation for '-&0' or '-&1' depending on context.
>
> Excellent. Works good :) I still wonder though, why is it a security risk to
> use stdin for both inputs?
>
> I have another question now: How can I extract the the key/user ID from a
> signature? During a verify, GPG reports it on stderr, but maybe there is a
> way to get it to print to stdout in an easily parsable format?
Ta da!
gpg --status-fd x
Format is given in the DETAILS file in the doc/ directory.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson