[Feature request] Please make it easier to check success/failure from scripts

Werner Koch wk at gnupg.org
Fri Sep 13 16:42:04 CEST 2024


Hi!

GnuPG 2.5.1 has the option --assert-signer and 2.4.6 will have this
option as well:

   --assert-signer fpr_or_file
   
     This option checks whether at least one valid signature on a file
     has been made with the specified key.  The key is either specified
     as a fingerprint or a file listing fingerprints.  The fingerprint
     must be given or listed in compact format (no colons or spaces in
     between).  As of now only SHA-1 fingerprints are allowed.  This
     option can be given multiple times and each fingerprint is checked
     against the sign‐ ing key as well as the corresponding primary key.
     If fpr_or_file specifies a file, empty lines are ignored as well as
     all lines start‐ ing with a hash sign.  With this option gpgsm is
     guaranteed to return with an exit code of 0 if and only if a
     signature has been encoun‐ tered, is valid, and the key matches one
     of the fingerprints given by this option.


Tarcked as https://dev.gnupg.org/T7286

Hope that helps a bit.


Salam-Shalom,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240913/22fe6004/attachment-0001.sig>


More information about the Gnupg-users mailing list