verification example

README.md

@@ -68,21 +68,33 @@ they appear in all capitals, as shown here.
 
 ## Examples
 
-### Bash: Git and pgp with plaintext review
+### Signature Generation
+
+#### Shell: Git and GPG with plaintext review
+
 ```
-local -r review_body="LGTM"
+review="LGTM"
-local -r review_hash="$(printf $review_body | openssl sha256 | awk '{print $2}')"
+review_hash="$(printf $review | openssl sha256 | awk '{print $2}')"
-local -r vcs_ref="$(git rev-parse HEAD)"
+vcs_ref="$(git rev-parse HEAD)"
-local -r tree_hash="$(git rev-parse 'HEAD^{tree}')"
+tree_hash="$(git rev-parse 'HEAD^{tree}')"
-local -r sig_body="sig:v0:$vcs_ref:$tree_hash:$review_hash:pgp"
+body="sig:v0:$vcs_ref:$tree_hash:$review_hash:pgp"
-local -r sig=$(\
+sig=$(printf "%s" "$body" | gpg --detach-sign  | openssl base64 -A )
-    printf "%s" "$body" \
+printf "%s" "$body:$review:$sig"
-    | gpg --detach-sign  \
-    | openssl base64 -A \
-)
-printf "%s" "$sig_body:$review_body:$sig"
 ```
 
+### Signature Verification
+
+#### PGP
+
+```
+gpg --verify <(printf "$sig_body") <(printf "$sig")
+```
+
+### Review Verification
+
+TODO
+
+
 ## Background
 
 TODO