Signature validation in a script
wk at gnupg.org
Mon Sep 5 21:58:21 CEST 2011
On Mon, 5 Sep 2011 18:38, benchoff at bev.net said:
> signature. I want to test for a valid signature from a key in a keyring
> that I specify. I want to be sure that no user options files, additional
What you want is gpgv or gpgv2:
gpgv - Verify OpenPGP signatures
gpgv [options] signed_files
gpgv is an OpenPGP signature verification tool.
This program is actually a stripped-down version of gpg which is
only able to check signatures. It is somewhat smaller than the
fully-blown gpg and uses a different (and simpler) way to check
that the public keys used to make the signature are valid. There
are no configuration files and only a few options are
gpgv assumes that all keys in the keyring are trustworthy. By
default it uses a keyring named `trustedkeys.gpg' which is
assumed to be in the home directory as defined by GnuPG or set by
an option or an environment variable. An option may be used to
specify another keyring or even mul tiple keyrings.
The program returns 0 if everything is fine, 1 if at least one
signature was bad, and other error codes for fatal errors.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users