6
3
You can feed GPG a file that has been signed and it will spit out a "signature is good" message, and save the plaintext:
[gh403@shillig-arch ~]$ gpg test.gpg
gpg: Signature made Thu Nov 1 14:19:08 2012 CDT using RSA key ID D1FEC5F4
gpg: Good signature from "gh403 <gh403@***********>"
and I can look at its output and verify that, yes, gh403 signed this and that yes, the signature is good.
What I would like to be able to do is script this behavior. Specifically, I need a script that will check to see that the signature is good and that the key that it has been signed with has a certain ID.
Is there a plain GPG call to do this? Or would I need a more elaborate script? Thanks for any thoughts!
Beautiful. Exactly what I was looking for! – thirtythreeforty – 2012-11-01T23:53:31.810