Verifying Sender to Signature

Werner Koch
Wed Aug 29 21:57:02 2001

On Wed, 29 Aug 2001 15:14:17 -0400, Jason Power said:

> It decrypts the file and tells me "Mary" signed it. I can't come up with a
> way to tell this from a batch file. I want to be able to reject the file
awk(1) is your friend. Example: eval `gpg --batch -o $tarball --status-fd 1 $datafile 2>/dev/null | awk ' /^\[GNUPG:\] VALIDSIG/ { print "signed_by=" $3 ";" } /^\[GNUPG:\] SIG_ID/ { print "sig_id=" $3 "; sig_date=" $4 ";" } '` echo "$pgm: signed_by=$signed_by" echo "$pgm: sig_id=$sig_id sig_date=$sig_date" if [ -z "$signed_by" ]; then echo "$pgm: $tarball has no valid signature." >&2 do_exit 1; fi This decrypts the file in $datafile , put the output into the file named $tarball and sets some evironment variables. The script then goes on to print the name and fingerprints of the signer. The script can be made much better and more secure, but you got the idea. -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus