# PGP_VERIFY

Verify whether a given file under $(BUILD_SOURCE) has a valid GPG signature. If NO_PGP is set to 1, this function does not do anything.

This function do not fail even if the key has expired or had been revoked. It also tries to fetch any missing public keys from keyserver.ubuntu.com

# Arguments

Index Status Description
1 Required The file under $(BUILD_SOURCE) to be verified
2 Optional The filename extension of the signature file, without the dot. If unspecified, this is assumed to be sig

# Examples

# Verify $(BUILD_SOURCE)/foo.tar.gz with checksum file at $(BUILD_SOURCE)/foo.tar.gz.sig

$(call PGP_VERIFY,foo.tar.gz)

# Verify $(BUILD_SOURCE)/foo.tar.gz with checksum file at $(BUILD_SOURCE)/foo.tar.gz.asc

$(call PGP_VERIFY,foo.tar.gz,asc)
Last Updated: 2/13/2023, 5:01:45 PM