Never mind -- I gave up trying to used gpg to validate the md5
signature and instead rewrote the file data so that it'd go into
md5sum:
cat *.md5 | tr -d ' ' | awk 'BEGIN{OFS=" "; FS=":"}
{tmp=$1;$1=$2;$2=tmp;print}' | md5sum -c
That's not too bad, and I can live with that.
On Sat, Sep 20, 2014 at 5:09 PM, Mike Kienenberger <mkien...@gmail.com> wrote:
> I asked about this for the last release and the only comment was:
>
>> Yeah, lately we've been using gpg for that instead of md5 command:
>
> Is there a compelling reason to do this? I have been unable to find
> a simple scripted approach to validate an md5 signature produced by
> gpg.
>
> With a regular md5sum-produced file, I can use
>
> find . -name '*.md5' -exec cat {} \; -printf ' %f\n' | sed
> 's|\.md5$||' | md5sum -c
>
> and get a result for every file, no matter what the name.
>
> The same exact approach works for sha1 signatures.
>
> I haven't yet found a way to do with this gpg -print-md5 output,
> although it could just be my own short-sightedness.
