…I'll answer in Python. First, put your whole message in a file in unix "mbox" format (this will be the problem if you use some brain-dead GUI mailer!), then in Python extract the signature and the signed message, and finally invoke gpg:
import email import os import sys with open(sys.argv) as mfile: message = email.message_from_file(mfile) if message.get_content_type() != "multipart/signed": raise SystemExit, "message not signed" # Really, you'd want safe temporary filenames, and you'd want to clean them up with open("msg", "wb") as msg: msg.write(message.get_payload(0).as_string()) with open("sig", "wb") as sig: sig.write(message.get_payload(1).get_payload()) # Delegate the real business to gpg os.execvp("gpg", ["gpg", "--verify", "sig", "msg"])
I've been spending some time working on Debian stuff, particularly packaging and porting for Debian kFreeBSD. Some time in the future I might wish to become a Debian Maintainer, and a step along the way is to begin using a GPG key.
To that end, here's the fingerprint of my key, which is also uploaded to sks-keyservers.net:
All older entries
Website Copyright © 2004-2021 Jeff Epler