gpgv-sq - gpgv-sq - Verify OpenPGP signatures like gpgv
Contents
Description
This is a re-implementation and drop-in replacement of gpgv using the Sequoia OpenPGP implementation.
gpgv-sq is feature-complete. Please report any problems you encounter when replacing gpgv with gpgv-sq.
Environment
GNUPGHOME
If set, must contain an absolute path to a directory containing the GnuPG state, i.e. the
configuration files, the cert rings, the secret keys, and the trust database. Can be overridden
using the the option `--gnupghome`. If unset, and the option `--gnupghome` is not given, defaults
to `$HOME/.gnupg`. In the FILES section below, `$GNUPGHOME` is the location of the GnuPG state
directory, independently on how it is set (i.e. unset, set via `--gnupghome`, or set via
`$GNUPGHOME).
SEQUOIA_CRYPTO_POLICY
If set, must contain an absolute path to a configuration file that changes which cryptographic
algorithms are acceptable. By default, /etc/crypto-policies/back-ends/sequoia.config is read,
which on Fedora contains a reasonable policy set by the distribution. See
https://docs.rs/sequoia-policy-config/latest/sequoia_policy_config/#format for a description of
the file format.
Files
$GNUPGHOME/trustedkeys.kbx
The default set of trusted certificates.
$GNUPGHOME/trustedkeys.gpg
Legacy default set of trusted certificates. This file is read if `trustedkeys.kbx` does not
exist.
/etc/crypto-policies/back-ends/sequoia.config
Default cryptographic policy. On Fedora, this contains a reasonable policy set by the
distribution. Can be overridden using the SEQUOIA_POLICY_CONFIG environment variable. See
https://docs.rs/sequoia-policy-config/latest/sequoia_policy_config/#format for a description of
the file format.
Name
gpgv-sq - gpgv-sq - Verify OpenPGP signatures like gpgv
Options
-v, --verbose
verbose
-q, --quiet
be somewhat more quiet
--keyring=FILE
take the keys from the keyring FILE
-o, --output=FILE
write output to FILE
--ignore-time-conflict
make timestamp conflicts only a warning
--status-fd=FD
write status info to this FD
--weak-digest=ALGO
reject signatures made with ALGO
-h, --help
Print help (see a summary with '-h')
-V, --version
Print version
[SIG-FILE]
Signatures or inline-signed message to verify. If not given, or `-` is given, the signature or
inline-signed message is read from stdin.
[DATA-FILE]
If SIG-FILE is a detached signature, DATA-FILE is the data the signature is supposed to protect.
If given multiple times, the signature is assumed cover the concatenation of all files.
Synopsis
gpgv-sq [-v|--verbose] [-q|--quiet] [--keyring] [-o|--output] [--ignore-time-conflict] [--status-fd]
[--weak-digest] [-h|--help] [-V|--version] [SIG-FILE] [DATA-FILE]
Version
v0.12.1
gpgv-sq 0.12.1 gpgv-sq(1)
