bash 脚本检查 GPG 签名是否有效并且属于密钥
我正在尝试编写一个 bash 脚本来检查给定的签名是否有效。我有两个可能的输出:
$ gpg --no-default-keyring --keyring /etc/pubring.gpg --verify file.tgz.sig file.tgz
WRONG
gpg: Signature made Tue 05 Apr 2011 11:01:19 CEST using RSA key ID E32804F0
gpg: Can't check signature: public key not found
RIGHT
gpg: Signature made Tue 05 Apr 2011 11:01:19 CEST using RSA key ID E32804F0
gpg: Good signature from "Test key <test@localhost>"
我如何能够检测检查是否正确而无需解析结果。
这个问题类似于 Verify GPG file signature with Perl 但我想在 bash 中执行此操作(或者如果非常需要 Python。)
I am trying to write a bash script that checks if a given signature is valid or not. I have two possible outputs from:
$ gpg --no-default-keyring --keyring /etc/pubring.gpg --verify file.tgz.sig file.tgz
WRONG
gpg: Signature made Tue 05 Apr 2011 11:01:19 CEST using RSA key ID E32804F0
gpg: Can't check signature: public key not found
RIGHT
gpg: Signature made Tue 05 Apr 2011 11:01:19 CEST using RSA key ID E32804F0
gpg: Good signature from "Test key <test@localhost>"
How I can detect if the checking was right without having to parse the result.
This question is similar to Verify GPG file signature with Perl but II would like to do that in bash (or if very needed Python.)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我不知道 gpg 命令,但它是否会为“错误”和“正确”结果返回不同的退出值?运行命令后检查这一点的最简单方法是:
如果一切正常,我希望它返回 0,否则返回其他值。所以你的 bash 脚本看起来像:
I don't know the
gpgcommand but does it return a different exit value for the "wrong" and "right" results? The easiest way to check this after running the command would be:I would expect it to return 0 if everything is OK and something else if not. So your bash script would look like:
来自 GnuPG 手册页:
所以你可以使用 http://docs.python.org/library/subprocess.html获取
gpg的返回码。From the GnuPG man page:
So you can use http://docs.python.org/library/subprocess.html to get the return code of
gpg.