Benny Helms wrote: > On Wed, 2006-07-12 at 15:13 -0400, Jeffrey F. Bloss wrote: >> Benny Helms wrote: >> >> <snippage> > >> Don't know if this will help or not, but I just did a quick test with >> GnuPG 1.4.4 and the --dry-run command line switch seem to work fine. >> Outputs to stdout rather than writing a file to disk. I changed a >> single bit in an encrypted (armored) file and tried it, and got a "CRC >> error" without entering any pass phrase at all. >> >> That's with -vv set in my options file, FWIW. And bleeding edge >> hash/cypher algorithms. >> >> Additionally, you can enter a pass phrase on the command line with the >> --passphrase switch. I tested it with both known good and known bad >> encrypted files, and if you enter a bogus/incorrect pass phrase for a >> known good file you get a "bad passphrase" error. With a known bad >> encrypted file you get the same "CRC error". Neither one requires any >> user input, which is what you want. >> >> IOW, if you... >> >> gpg -d --dry-run --passphrase boguspassphrase bad-file.asc >> >> You get the "CRC error", but if you... >> >> gpg -d --dry-run --passphrase boguspassphrase good-file.asc >> >> You get the "bad passphrase". >> >> The down side is, both are exit code '2', so you'd have to grep for the >> "verbal" response to tell the difference. But that's not a major hurdle >> and it should be trivial to "if $?" grep return codes into something >> useful. >> >> The other down side is this doesn't explicitly tell you if you have a >> *good* encrypted file, it only picks out a couple errors. To do that >> you'd have to either be sitting there entering pass phrases, or include >> them in your script. Probably not where you'd want to go with this. :( > > Thanks Jeffrey. Excellent suggestion. This worked well with a .asc > file, but not with a .gpg file. Does anyone on the list have a > preference for .asc vs .gpg output? Pros? Cons? The size is almost > twice as big as a .gpg at this time, which is a definite con. But there > are probably some serious pros as well. Input? >
.asc files are immune to mangling of CR/LF characters which may be
present in binary data, which often happens when you transfer via email
or FTP.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
