I claim @astevan on Codeberg and @antoineeestevaaan on GitHub are the same person.
# use a temporary keyring
export GNUPGHOME="$(mktemp -d)"
# create a keypair and dump the public key
name="Temp"
gpg --batch --yes --quick-generate-key "$name" rsa2048 sign 1d
gpg --armor --export "$name" > pubkey.asc
# sign both documents
gpg --armor --detach-sign --output "lorem.txt.sig.asc" "lorem.txt"
gpg --armor --detach-sign --output "ipsum.txt.sig.asc" "ipsum.txt"
# delete temporary keyring
rm -rvf "$GNUPGHOME"Note
the same script in Nushell
do { # use a temporary keyring $env.GNUPGHOME = mktemp -d # create a keypair and dump the public key let name = "Temp" gpg --batch --yes --quick-generate-key $name rsa2048 sign 1d gpg --armor --export $name | save pubkey.asc # sign both documents gpg --armor --detach-sign --output "lorem.txt.sig.asc" "lorem.txt" gpg --armor --detach-sign --output "ipsum.txt.sig.asc" "ipsum.txt" # delete temporary keyring rm -rvf $env.GNUPGHOME }
( GNUPGHOME="$(mktemp -d)"; \
gpg --import pubkey.asc && \
gpg --verify "$file.sig.asc" "$file"; \
rc=$?; rm -rfv "$GNUPGHOME"; exit $rc )Note
the “same” script in Nushell
do { # HELPERS def "color" [c: string]: [ string -> string ] { $"(ansi $c)($in)(ansi reset)" } def "log info" [log: string] { print $"[("INFO" | color cyan)] ($log)" } def "log warning" [log: string] { print $"[("WARNING" | color yellow_bold)] ($log)" } def download [file: string, --url: string] { log info $"downloading ($file | color purple) from ($url | color yellow)" curl -sfLo ($nu.temp-path | path join $file) $"($url)/($file)" } def verify [file: path, --sig: path] { let sig = $sig | default ( $file | path parse | update extension { $"($in).sig.asc" } | path join ) log info $"verifying ($file | color purple) with ($sig | color purple)" let ret = gpg --quiet --verify $sig $file | complete print $"(ansi default_dimmed)($ret.stderr | str trim)(ansi reset)" if $ret.exit_code == 0 { log info ("VALID SIGNATURE" | color green) } else { log warning ("INVALID SIGNATURE" | color red_bold) } } # HELPERS const GH = "https://raw.githubusercontent.com/antoineeestevaaan/antoineeestevaaan/refs/heads/main" const CB = "https://astevan.codeberg.page" $env.GNUPGHOME = mktemp -d download --url $CB "pubkey.asc" log info $"importing ("/tmp/pubkey.asc" | color purple) into temporary keyring ($env.GNUPGHOME | color purple)" gpg --quiet --import /tmp/pubkey.asc download --url $GH "ipsum.txt" download --url $GH "ipsum.txt.sig.asc" verify /tmp/ipsum.txt --sig /tmp/ipsum.txt.sig.asc download --url $CB "lorem.txt" download --url $CB "lorem.txt.sig.asc" verify /tmp/lorem.txt --sig /tmp/lorem.txt.sig.asc log info $"cleaning temporary keyring ($env.GNUPGHOME | color purple)" rm -rfv $env.GNUPGHOME }