ingramj · February 24, 2009 19:03
diff --git a/verify-sig.rb b/verify-sig.rb
 #!/usr/bin/ruby
 # Takes a list of files and verifies the gpg signature on each, and makes
 # sure that it was signed by an allowed key id
 ALLOWED_KEY_IDS = ['C81FD50E']


 ARGV.each do |e|
  result = `gpg --verify #{e} 2>&1`
  # If the the signature isn't verified, print and error and go the next file
  unless result.include?('Good signature')
    puts "Bad signature for #{e}"
    next
  end

  # The key ID is the last word on the first line.
  key_id = result.split("\n")[0].split(" ")[-1]
  unless ALLOWED_KEY_IDS.include?(key_id)
    puts "Verboten Key ID (#{key_id}) for #{e}"
    next
  end

  puts "Valid Key ID (#{key_id}) for #{e}"
 end
	#!/usr/bin/ruby
	# Takes a list of files and verifies the gpg signature on each, and makes
	# sure that it was signed by an allowed key id
	ALLOWED_KEY_IDS = ['C81FD50E']


	ARGV.each do \|e\|
	result = `gpg --verify #{e} 2>&1`
	# If the the signature isn't verified, print and error and go the next file
	unless result.include?('Good signature')
	puts "Bad signature for #{e}"
	next
	end

	# The key ID is the last word on the first line.
	key_id = result.split("\n")[0].split(" ")[-1]
	unless ALLOWED_KEY_IDS.include?(key_id)
	puts "Verboten Key ID (#{key_id}) for #{e}"
	next
	end

	puts "Valid Key ID (#{key_id}) for #{e}"
	end