Decrypt only if signed
Werner Koch
wk at gnupg.org
Thu Dec 20 16:05:52 CET 2007
On Mon, 17 Dec 2007 18:43, hs2412 at gmail.com said:
> I am writing a batch script and the basic requirement is that GPG
> should only decrypt the file if its signed by using one of the keys in
> the keyring. If it has not been signed, just encrypted, it should
> leave it encrypted and not decrypt it.
You need to decrypt the file before you can tell whether it is signed.
GnuPG emits enough information via --status-fd to detect if the file was
signed as well as the keyID used to sign the file. Delete the plaintext
if it has not been signed.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list