Doing gpg file verification is hard. At least if one wants to defeat rollback and indefinite freeze attacks. Currently whonixcheck (Whonix News) and tb-updater contain code for gpg file verification code.
Also securix needs some secure gpg file verification code:
Therefore it's a good idea to create a lib that contains common code, gpg-bash-lib.
For more background, see: