table of contents
DKG-VERIFY(1) | User Commands | DKG-VERIFY(1) |
NAME¶
dkg-verify -- verifies a detached signature of a file according to OpenPGP
SYNOPSIS¶
dkg-verify [options] KEYFILE
DESCRIPTION¶
This program verifies a detached signature read from STDIN according to the OpenPGP standard. KEYFILE represents the ASCII-armored public key, for which the verification is performed. If KEYFILE is omitted and by option "-k" a file containing a set of keys (keyring) is given, the corresponding public key is determined by the issuer fingerprint or issuer subpacket from the signature. Optionally with "-k" some external revocation keys can be provided by the user. Currently, DSA/DSS, RSA, ECDSA, and EdDSA are permitted as public-key algorithms. The input file for which the signature is checked must be specified by the mandatory option "-i". Instead of reading the detached signature from STDIN, by option "-s" a file containing this signature can be supplied.
By "-f" and "-t" the user can provide a validity period, i.e., signatures made before the TIMESPEC of option "-f" or after the TIMESPEC of option "-t" are not valid. The corresponding TIMESPEC must be of the format "YYYY-MM-DD[_HH:MM:SS]". The default values are "2009-06-01 00:00:00 (publication date of FIPS 186-3)" and the current system date, respectively.
The program returns a non-zero value on error, e.g., if the detached signature is invalid or no admissible public key is found in KEYFILE.
OPTIONS¶
Arguments mandatory for long options are also mandatory for short options.
- -b, --binary
- consider KEYFILE and each FILENAME as binary input
- -f TIMESPEC
- signature made before given TIMESPEC is not valid
- -h, --help
- print this list of options
- -i FILENAME
- verify detached signature on FILENAME
- -k FILENAME
- use keyring FILENAME containing (external revocation) keys
- -s FILENAME
- read detached signature from FILENAME instead of STDIN
- -t TIMESPEC
- signature made after given TIMESPEC is not valid
- -v, --version
- print the version number of the program
- -V, --verbose
- turn on verbose output
- -w, --weak
- allow weak or expired keys
SECURITY¶
The current implementation is in experimental state and should NOT be used in production environments.
REPORTING BUGS¶
Security vulnerabilities or cryptographic complaints should be reported via an email directly to <HeikoStamer@gmx.net>. Reported problems will be published after they've been fixed.
Please report all other bugs via public bug tracker <https://savannah.nongnu.org/bugs/?func=additem&group=dkgpg>
Home page of Distributed Privacy Guard (DKGPG): <https://savannah.nongnu.org/projects/dkgpg/>
THANKS¶
The author thanks Daniel Kahn Gillmor for his valuable suggestions regarding useful extensions of this program.
COPYRIGHT¶
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the sources of this package and additionally can be obtained from Internet <https://www.gnu.org/licenses>.
SEE ALSO¶
September 2018 | Distributed Privacy Guard 1.1.3 |