verifying gpg signature under opendkim-lua script
Robert J. Hansen
rjh at sixdemonbag.org
Thu Jan 8 08:01:56 CET 2026
> My ultimate goal is to route emails using gpg's fingerprinting. This is
> the first step toward that goal. That is all.
Lua doesn't have GPGME bindings, so you'll likely have to do this the
error-prone way: fire up GnuPG and verify the signature, after hooking
up --status-fd to a file descriptor of your choice. _Do not_ parse the
normal console output: only the status-fd output should be used.
When verifying a message with gpg --verify, you'll see a message stanza
like:
[GNUPG:] KEY_CONSIDERED CC11BE7CBBED77B120F37B011DCBDC01B44427C7 0
[GNUPG:] SIG_ID qtBYYa4lfH60IDd2oOz06S6QBjc 2026-01-08 1767855159
[GNUPG:] GOODSIG 1DCBDC01B44427C7 Robert J. Hansen <rob at hansen.engineering>
The first, KEY_CONSIDERED, gives you the full fingerprint. If you then
see GOODSIG the message has passed its signature verification and then
you can have Lua do what you want with the message.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260108/23957d57/attachment-0001.sig>
More information about the Gnupg-users
mailing list