gpgv is an OpenPGP signature verification tool.
This program is actually a stripped-down version of
gpg which is
only able to check signatures. It is somewhat smaller than the fully-blown
gpg and uses a different (and simpler) way to check that
the public keys used to make the signature are valid. There are
no configuration files and only a few options are implemented.
gpgv assumes that all keys in the keyring are trustworthy.
That does also mean that it does not check for expired or revoked
By default a keyring named trustedkeys.kbx is used; if that
does not exist a keyring named trustedkeys.gpg is used. The
default keyring is assumed to be in the home directory of GnuPG,
either the default home directory or the one set by an option or an
environment variable. The option
--keyring may be used to
specify a different keyring or even multiple keyrings.
gpgv recognizes these options:
-. This option can be used to get the signed text from a cleartext or binary signature; it also works for detached signatures, but in that case this option is in general not useful. Note that an existing file will be overwritten.
nand not to stderr.
On Windows systems it is possible to install GnuPG as a portable application. In this case only this command line option is considered, all other ways to set a home directory are ignored.
To install GnuPG as a portable application under Windows, create an
empty file named gpgconf.ctl in the same directory as the tool
gpgconf.exe. The root of the installation is then that
directory; or, if gpgconf.exe has been installed directly below
a directory named bin, its parent directory. You also need to
make sure that the following directories exist and are writable:
ROOT/home for the GnuPG home and ROOT/usr/local/var/cache/gnupg
for internal cache files.
The program returns 0 if everything is fine, 1 if at least one signature was bad, and other error codes for fatal errors.
sigfileis the detached signature (either ASCII-armored or binary) and
datafilecontains the signed data; if
datafileis "-" the signed data is expected on
datafileis not given the name of the file holding the signed data is constructed by cutting off the extension (".asc", ".sig" or ".sign") from