Eric Hollander <hh@xcf.Berkeley.EDU> writes:
if i use a command like
pgp filename
it will automatically figure out the right thing to do with the file. if it's encrypted, and i have the key, it will attempt to decrypt it. if it contains keys, it will ask if i want to add them to my keyring. if it's signed, it checks the signature.
this sucks!
if i'm trying to write a program to automatically process incoming mail (for instance, to see if it's encrypted with a specific key), i certainly don't want to have the possibility of people being able to add garbage to my keyring just by mailing it to me.
In my remailer, I use: pgp -f < infile > outfile. This won't add keys. If you capture standard error you can parse it (grep is probably good enough) to see whether the message was signed, encrypted, had a bad signature, had keys, etc. Hal