tools/verifyfse.sh

#!/bin/bash
#precondition
 #wget https://freespeechextremist.com/media/888a4629af8e592774e0fc9cb047c48f33313ac9739de9bc3cc3ee241af4c2ce.asc?name=warrantcanary.asc 
 #gpg --import 888a4629af8e592774e0fc9cb047c48f33313ac9739de9bc3cc3ee241af4c2ce.asc\?name\=warrantcanary.asc

TMPFILE=`mktemp`
TMPFILE1=`mktemp`
TMPFILE2=`mktemp`
TMPFILE3=`mktemp`
successfile=$TMPFILE3
echo "gpg:                using RSA key 768A07A25F0D2AE3816E00AAC7C3A3098FB70D9D" >> $successfile
echo "gpg: Good signature from \"FSE Warrant Canary\" [unknown]" >> $successfile
echo "gpg: WARNING: This key is not certified with a trusted signature!" >> $successfile
echo "gpg:          There is no indication that the signature belongs to the owner." >> $successfile
echo "Primary key fingerprint: 768A 07A2 5F0D 2AE3 816E  00AA C7C3 A309 8FB7 0D9D" >> $successfile

# echo $TMPFILE
finger warrantcanary@freespeechextremist.com | sed -n '/^-/,/^-----END PGP SIGNATURE-----/p' > $TMPFILE
gpg --verify  $TMPFILE 2> $TMPFILE1
#echo "cat $TMPFILE1"
#cat $TMPFILE1
tail -n 5 $TMPFILE1 > $TMPFILE2
diff $successfile $TMPFILE2
if [ $? -ne 0 ]; then
  echo "not good"
else
  echo "good"
fi