24 February 2014, 13:10 UTC
How do you check a signature on a PGP/Mime message
…I'll answer in Python. First, put your whole message in a file in unix "mbox" format (this will be the problem if you use some brain-dead GUI mailer!), then in Python extract the signature and the signed message, and finally invoke gpg:
import email
import os
import sys
with open(sys.argv[1]) as mfile: message = email.message_from_file(mfile)
if message.get_content_type() != "multipart/signed":
raise SystemExit, "message not signed"
# Really, you'd want safe temporary filenames, and you'd want to clean them up
with open("msg", "wb") as msg: msg.write(message.get_payload(0).as_string())
with open("sig", "wb") as sig: sig.write(message.get_payload(1).get_payload())
# Delegate the real business to gpg
os.execvp("gpg", ["gpg", "--verify", "sig", "msg"])
2 April 2013, 14:15 UTC
I've been spending some time working on Debian stuff, particularly packaging and porting for Debian kFreeBSD. Some time in the future I might wish to become a Debian Maintainer, and a step along the way is to begin using a GPG key.
GPG Key
I've been spending some time working on Debian stuff, particularly packaging and porting for Debian kFreeBSD. Some time in the future I might wish to become a Debian Maintainer, and a step along the way is to begin using a GPG key.
To that end, here's the fingerprint of my key, which is also uploaded to sks-keyservers.net:
All older entries
Website Copyright © 2004-2024 Jeff Epler