How to detect extraneous content in clearsigned (--clearsign) files?

Patrick Schleizer patrick-mailinglists at
Tue Jan 13 20:38:11 CET 2015

Patrick Schleizer:
> Werner Koch:
>> On Mon, 12 Jan 2015 19:52, patrick-mailinglists at said:
>>> However, what works for me is this:
>>> gpg --output ./out --verify ./sha512sums.asc
>> We are both wrong.  --verify does only a verify and nothing else.
>> Running without --verify writes the actual signed data to the file.
> Indeed.
> What I wanted to write in my previous mail...
> However, what works for me is this:
> gpg --output ./out --decrypt ./sha512sums.asc
> Adding --decrypt or not has the same result?

Can answer my own question:
Using --decrypt for verification only is a really bad idea in scripts -
gpg would still exit 0 if file is encrypted, but unsigned.

More information about the Gnupg-users mailing list