tools/verifyfse.sh

#!/bin/bash

# Copyleft 2020 Jeff Cliff
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program, like at COPYING.GPL.  If not, see <https://www.gnu.org/licenses/>.


#precondition
 #wget https://freespeechextremist.com/media/888a4629af8e592774e0fc9cb047c48f33313ac9739de9bc3cc3ee241af4c2ce.asc?name=warrantcanary.asc 
 #gpg --import 888a4629af8e592774e0fc9cb047c48f33313ac9739de9bc3cc3ee241af4c2ce.asc\?name\=warrantcanary.asc

TMPFILE=`mktemp`
TMPFILE1=`mktemp`
TMPFILE2=`mktemp`
TMPFILE3=`mktemp`
successfile=$TMPFILE3
echo "gpg:                using RSA key 768A07A25F0D2AE3816E00AAC7C3A3098FB70D9D" >> $successfile
echo "gpg: Good signature from \"FSE Warrant Canary\" [unknown]" >> $successfile
echo "gpg: WARNING: This key is not certified with a trusted signature!" >> $successfile
echo "gpg:          There is no indication that the signature belongs to the owner." >> $successfile
echo "Primary key fingerprint: 768A 07A2 5F0D 2AE3 816E  00AA C7C3 A309 8FB7 0D9D" >> $successfile

# echo $TMPFILE
finger warrantcanary@freespeechextremist.com | sed -n '/^-/,/^-----END PGP SIGNATURE-----/p' > $TMPFILE
gpg --verify  $TMPFILE 2> $TMPFILE1
#echo "cat $TMPFILE1"
#cat $TMPFILE1
tail -n 5 $TMPFILE1 > $TMPFILE2
diff $successfile $TMPFILE2
if [ $? -ne 0 ]; then
  echo "not good"
else
  echo "good"
fi