How to detect extraneous content in clearsigned (--clearsign) files?
Patrick Schleizer
patrick-mailinglists at whonix.org
Tue Jan 13 20:38:11 CET 2015
Patrick Schleizer:
> Werner Koch:
>> On Mon, 12 Jan 2015 19:52, patrick-mailinglists at whonix.org said:
>>
>>> However, what works for me is this:
>>>
>>> gpg --output ./out --verify ./sha512sums.asc
>>
>> We are both wrong. --verify does only a verify and nothing else.
>> Running without --verify writes the actual signed data to the file.
>
> Indeed.
>
> What I wanted to write in my previous mail...
>
> However, what works for me is this:
>
> gpg --output ./out --decrypt ./sha512sums.asc
>
> Adding --decrypt or not has the same result?
Can answer my own question:
Using --decrypt for verification only is a really bad idea in scripts -
gpg would still exit 0 if file is encrypted, but unsigned.
More information about the Gnupg-users
mailing list