Signature validation in a script

Werner Koch wk at
Mon Sep 5 21:58:21 CEST 2011

On Mon,  5 Sep 2011 18:38, benchoff at said:

> signature.  I want to test for a valid signature from a key in a keyring
> that I specify.  I want to be sure that no user options files, additional

What you want is gpgv or gpgv2:

       gpgv - Verify OpenPGP signatures

       gpgv [options] signed_files

       gpgv is an OpenPGP signature verification tool.

       This program is actually a stripped-down version of gpg which is
       only able to check signatures.  It is somewhat smaller than the
       fully-blown gpg and uses a different (and simpler) way to check
       that the public keys used to make the signature are valid. There
       are no configuration files and only a few options are

       gpgv assumes that all keys in the keyring are trustworthy.  By
       default it uses a keyring named `trustedkeys.gpg' which is
       assumed to be in the home directory as defined by GnuPG or set by
       an option or an environment variable. An option may be used to
       specify another keyring or even mul tiple keyrings.


       The program returns 0 if everything is fine, 1 if at least one
       signature was bad, and other error codes for fatal errors.

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list