automate gpg with perl - PGP
This is a discussion on automate gpg with perl - PGP ; Hello ...
I want to automate GnuPG via a Perl Script. (I am aware of the security
risk).
The problem is, when I execute the stated below script, i always get the
output "Reading passphrase from file descriptor 3 ..." ...
-
automate gpg with perl
Hello ...
I want to automate GnuPG via a Perl Script. (I am aware of the security
risk).
The problem is, when I execute the stated below script, i always get the
output "Reading passphrase from file descriptor 3 ..." and gnupg waits
for an input.
If I just press return, I get an encrypted file, but if try to decrypt
it with the password in the pass.txt, it fails.
Here is my little test script:
open(FILE, "./pass.txt") || die($!) ;
$fd = fileno(FILE) ;
system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
--symmetric test.txt") ;
close(FILE) || die($!) ;
And another question:
Is there a way to directly pass the password, perhaps in a perl pipe
funktion or something like that? I mean only using perl functions,
without the use of the shell pipe ("|").
greets,
Kai
-
Re: automate gpg with perl
> I want to automate GnuPG via a Perl Script. (I am aware of the security
> risk).
>
> The problem is, when I execute the stated below script, i always get the
> output "Reading passphrase from file descriptor 3 ..." and gnupg waits
> for an input.
> If I just press return, I get an encrypted file, but if try to decrypt
> it with the password in the pass.txt, it fails.
>
> Here is my little test script:
>
> open(FILE, "./pass.txt") || die($!) ;
> $fd = fileno(FILE) ;
> system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
> --symmetric test.txt") ;
> close(FILE) || die($!) ;
>
IIRC
The file descriptor should be numerical, i.e. you should use $6 rather than
$fd
-
Re: automate gpg with perl
Kai Schlamp wrote:
> Hello ...
>
> I want to automate GnuPG via a Perl Script. (I am aware of the security
> risk).
>
> The problem is, when I execute the stated below script, i always get the
> output "Reading passphrase from file descriptor 3 ..." and gnupg waits
> for an input.
> If I just press return, I get an encrypted file, but if try to decrypt
> it with the password in the pass.txt, it fails.
>
> Here is my little test script:
>
> open(FILE, "./pass.txt") || die($!) ;
> $fd = fileno(FILE) ;
> system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
> --symmetric test.txt") ;
> close(FILE) || die($!) ;
>
> And another question:
> Is there a way to directly pass the password, perhaps in a perl pipe
> funktion or something like that? I mean only using perl functions,
> without the use of the shell pipe ("|").
>
> greets,
> Kai
Look at GnuPG::Interface on CPAN. You can specify input, output, error,
status and passphrase handles and print directly to them.
An example:
use GnuPG::Interface;
use IO::Handle;
use File::Temp;
my $gpg = GnuPG::Interface->new;
$gpg->call('/path/to/gpg'); # May not be needed
$gpg->options->hash_init(armor => 1,
homedir => '/your/home/dir');
$gpg->options->meta_interactive(0);
# Err, stat and pass are small enough to probably be
# safe with IO::Handle
my ($err, $stat, $pass) = (IO::Handle->new,
IO::Handle->new,
IO::Handle->new);
# In and out can be large and might cause pipe deadlocks
# if just IO::Handle is used
my $in = File::Temp::tempfile(UNLINK => 1);
my $out = File::Temp::tempfile(UNLINK => 1);
# There is also a logger filehandle option - see the docs
my $handles = GnuPG::Handles->new(stdin => $in,
stdout => $out,
status => $stat,
stderr => $err,
passphrase => $pass);
# In and out should not be opened by GnuPG::Interface - just used
$handles->options('stdout')->{direct} = 1;
$handles->options('stdin')->{direct} = 1;
my $pid = $gpg->verify(handles => $handles);
print $pass 'this is the passphrase';
close($pass);
print $in 'this is the pgp signed message';
close($in);
# You can check $err and $stat for error/success messages
close($err);
close($stat);
waitpid($pid, 0);
seek($out, 0, 0);
# Do whatever you want with the output
MB
