Verify problem with gpgme
bernhard at intevation.de
Wed May 4 09:48:59 CEST 2011
Am Donnerstag, 28. April 2011 22:56:44 schrieb dabicho:
> I am trying to write a small application whose task is to execute a
> script only if it is signed by a specific key.
> I thought I could use gpgme to verify it and check if the signature's
> key has the right name, comment and mail address,
I'd also start with gpgme.
> but I have not found
> a way to read the key data.
Here is an older example in pyme that shows
how you get the key data of the signatures via gpgme in principle:
c.op_verify(sig2, file2, plain2)
result = c.op_verify_result()
index = 0
for sign in result.signatures:
index += 1
print "signature", index, ":"
print " summary: %#0x" % (sign.summary)
print " status: %#0x" % (sign.status)
print " timestamp: ", sign.timestamp
print " fingerprint:", sign.fpr
print " uid: ", c.get_key(sign.fpr, 0).uids.uid
There are other examples that show how to get details about an certificate.
The gpgme documentation is your friend.
The certificates should be in your gnupg store already.
Hope this helps,
Managing Director - Owner: www.intevation.net (Free Software Company)
Deputy Coordinator Germany: fsfe.org. Board member: www.kolabsys.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel