Wed Oct 16 13:49:02 2002
Hello Gnupg Users List!
I just signed up on this list and am a relative novice with GnuPG, so
please be kind :-)
I checked the FAQ, man page, and handbook, but haven't seen an answer
to my question:
For a signed and encrypted document, I understand that the --decrypt
command will decrypt the message and verify the signature all in one
operation, but how can I tell in an automated environment that a
signature was attached?
I'm thinking of a scenario where a trading partner is sending us signed
and encrypted documents. When I run the decrypt operation I can see
that the signature is verified from the stderr stream, but in batch
mode the only way I know that everything is ok is that an exit code of
0 is returned.
What if they stop signing their documents? Since I'm only monitoring
the exit code, I won't be able to tell. (And I'd like to know!)
Is there a way to generate an error if the document isn't signed?