NAME

sopv-inline-verify - Verify OpenPGP signed message

SYNOPSIS

sopv [--debug] inline-verify [--not-before=DATE] [--not-after=DATE] [--verifications-out=VERIFICATIONS] [--] CERTS [CERTS...] <INLINESIGNED

DESCRIPTION

sopv inline-verify evaluates OpenPGP signatures bundled in a message. Its standard input can be either an OpenPGP Signed Message or a message signed with the OpenPGP Cleartext Signing Framework. If a valid signature is found, it returns 0 and emits the contents of the message (without any signatures) on standard output.

If no valid OpenPGP signature is found, sopv inline-verify returns non-zero.

EXAMPLES

if sopv inline-verify signer.cert < message.signed > message.txt; then


    echo "The information found in message.txt was signed"
else


    rm message.txt


    echo "no valid signature found"
fi

OPTIONS

--not-before=DATE: Do not accept signatures made before the specified DATE. Supply DATE in ISO-8601 format, preferably in UTC (see DATE in sopv(1)).
--not-after=DATE: Do not accept signatures made after the specified DATE. Supply DATE in ISO-8601 format, preferably in UTC (see DATE in sopv(1)).
--verifications-out=VERIFICATIONS: If the caller wants to inspect the details of the valid signatures, it can use this argument to request those details. See VERIFICATIONS in sopv(1) for more details about this format.

ARGUMENTS

One or more CERTS arguments should point to OpenPGP certificates that would be acceptable signers.

RETURN CODE

sopv inline-verify returns 0 to indicate that at least one valid signature was found.

It may fail for other reasons, but NO_SIGNATURE (3) is a likely failure mode when the message contains no valid signature from any of the CERTS.

AUTHOR

This manual page was written by Daniel Kahn Gillmor. Your implementation of sopv is likely written by someone else in alignment with the SOP specification. Please run sopv version to learn more about your implementation.