Decrypt only if signed

Werner Koch wk at gnupg.org
Thu Dec 20 16:05:52 CET 2007


On Mon, 17 Dec 2007 18:43, hs2412 at gmail.com said:

> I am writing a batch script and the basic requirement is that GPG
> should only decrypt the file if its signed by using one of the keys in
> the keyring. If it has not been signed, just encrypted, it should
> leave it encrypted and not decrypt it.

You need to decrypt the file before you can tell whether it is signed.
GnuPG emits enough information via --status-fd to detect if the file was
signed as well as the keyID used to sign the file.  Delete the plaintext
if it has not been signed.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




More information about the Gnupg-users mailing list