Verify with missing public key: unexpected returncode

Gerd v. Egidy gerd.von.egidy at intra2net.com
Fri Mar 3 18:04:15 CET 2017


Hi,

I have a scenario where a signature on a file should be checked. The file is
signed by several keys and for this scenario it is ok if at least one is
correct. In some cases it can happen that the system doing the check does not
have access to all public keys that are used for signing.

When reading the gpg2 manpage on return codes:

> The program returns 0 if everything was fine, 1 if at least a signature was
> bad, and other error codes for fatal errors.

I think it should return 1 in this case. But I get 2. Why?

Here are the commands to reproduce:

$ gpg2 --verify test.asc.gpg 
gpg: Signature made Fri Mar  3 17:44:57 2017 CET using RSA key ID DB2D0998DC19EEA3
gpg: Good signature from "Foo Foo" [ultimate]
gpg: Signature made Fri Mar  3 17:45:01 2017 CET using RSA key ID 467C036CA9014F3F
gpg: Good signature from "Bar Bar" [ultimate]

$ gpg2 --delete-secret-keys 467C036CA9014F3F
$ gpg2 --delete-keys 467C036CA9014F3F

$ gpg2 --verify test.asc.gpg ; echo "RET: $?"
gpg: Signature made Fri Mar  3 17:44:57 2017 CET using RSA key ID DB2D0998DC19EEA3
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Good signature from "Foo Foo" [ultimate]
gpg: Signature made Fri Mar  3 17:45:01 2017 CET using RSA key ID 467C036CA9014F3F
gpg: Can't check signature: No public key
RET: 2

Kind regards,

Gerd
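
For the "at least one correct signature" policy described in this message, a check can read GnuPG's machine-readable status lines (`--status-fd`) rather than the exit code. This is an added example, not part of the original post: the function names, the key-ID allowlist and the sample status lines are constructed for illustration, reusing the key IDs from the session above.

```shell
#!/bin/sh
# Added example: accept a file if at least one signature from an expected
# key is good and none is bad, regardless of gpg's exit code.

# Reads "[GNUPG:] ..." status lines on stdin; arguments are the allowed
# long key IDs (assumption: the caller pins the keys it expects).
classify_status() {
    good=0 bad=0 missing=0
    while read -r tag keyword keyid rest; do
        [ "$tag" = "[GNUPG:]" ] || continue
        case "$keyword" in
            GOODSIG)
                # GOODSIG carries a long key ID or a fingerprint; match the suffix.
                for allowed in "$@"; do
                    case "$keyid" in *"$allowed") good=$((good + 1)); break ;; esac
                done ;;
            BADSIG)    bad=$((bad + 1)) ;;          # tampered data or signature
            NO_PUBKEY) missing=$((missing + 1)) ;;  # could not be checked at all
        esac
    done
    if [ "$bad" -eq 0 ] && [ "$good" -gt 0 ]; then verdict=accept; else verdict=reject; fi
    echo "$verdict good=$good bad=$bad missing=$missing"
    [ "$verdict" = accept ]
}

# Usage: verify_any FILE KEYID...   (hypothetical wrapper around gpg2)
# Status lines go to stdout; the pipeline's status is classify_status's.
verify_any() {
    file=$1; shift
    gpg2 --status-fd 1 --verify "$file" 2>/dev/null | classify_status "$@"
}

# Constructed status lines matching the second --verify run in the post:
# one good signature, one signature whose public key is absent.
sample_status() {
    cat <<'EOF'
[GNUPG:] GOODSIG DB2D0998DC19EEA3 Foo Foo
[GNUPG:] ERRSIG 467C036CA9014F3F 1 8 00 1488559501 9
[GNUPG:] NO_PUBKEY 467C036CA9014F3F
EOF
}

sample_status | classify_status DB2D0998DC19EEA3
```

A missing key is counted but does not by itself reject the file, while any BADSIG does; pinning full fingerprints from the VALIDSIG status line would be a stricter variant of the same check.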



