2014-02-24T13:10:37Z Photos, electronics, cnc, and more Jeff Eplerjepler@unpythonic.net 2014-02-24T13:10:37Z 2014-02-24T13:10:37Z https://emergent.unpythonic.net/01393247437 <p>…I'll answer in Python. First, put your whole message in a file in unix &quot;mbox&quot; format (this will be the problem if you use some brain-dead GUI mailer!), then in Python extract the signature and the signed message, and finally invoke gpg: <pre> import email import os import sys with open(sys.argv[1]) as mfile: message = email.message_from_file(mfile) if message.get_content_type() != "multipart/signed": raise SystemExit, "message not signed" # Really, you'd want safe temporary filenames, and you'd want to clean them up with open("msg", "wb") as msg: msg.write(message.get_payload(0).as_string()) with open("sig", "wb") as sig: sig.write(message.get_payload(1).get_payload()) # Delegate the real business to gpg os.execvp("gpg", ["gpg", "--verify", "sig", "msg"]) </pre> <p> 2013-04-02T14:15:09Z 2013-04-02T14:15:09Z https://emergent.unpythonic.net/01364912109 I've been spending some time working on Debian stuff, particularly packaging and porting for Debian kFreeBSD. Some time in the future I might wish to become a Debian Maintainer, and a step along the way is to begin using a GPG key. <p>To that end, here's the fingerprint of my key, which is also uploaded to sks-keyservers.net: