automate gpg with perl - PGP

This is a discussion on automate gpg with perl - PGP ; Hello ... I want to automate GnuPG via a Perl Script. (I am aware of the security risk). The problem is, when I execute the stated below script, i always get the output "Reading passphrase from file descriptor 3 ..." ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: automate gpg with perl

  1. automate gpg with perl

    Hello ...

    I want to automate GnuPG via a Perl Script. (I am aware of the security
    risk).

    The problem is, when I execute the stated below script, i always get the
    output "Reading passphrase from file descriptor 3 ..." and gnupg waits
    for an input.
    If I just press return, I get an encrypted file, but if try to decrypt
    it with the password in the pass.txt, it fails.

    Here is my little test script:

    open(FILE, "./pass.txt") || die($!) ;
    $fd = fileno(FILE) ;
    system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
    --symmetric test.txt") ;
    close(FILE) || die($!) ;

    And another question:
    Is there a way to directly pass the password, perhaps in a perl pipe
    funktion or something like that? I mean only using perl functions,
    without the use of the shell pipe ("|").

    greets,
    Kai

  2. Re: automate gpg with perl

    > I want to automate GnuPG via a Perl Script. (I am aware of the security
    > risk).
    >
    > The problem is, when I execute the stated below script, i always get the
    > output "Reading passphrase from file descriptor 3 ..." and gnupg waits
    > for an input.
    > If I just press return, I get an encrypted file, but if try to decrypt
    > it with the password in the pass.txt, it fails.
    >
    > Here is my little test script:
    >
    > open(FILE, "./pass.txt") || die($!) ;
    > $fd = fileno(FILE) ;
    > system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
    > --symmetric test.txt") ;
    > close(FILE) || die($!) ;
    >

    IIRC
    The file descriptor should be numerical, i.e. you should use $6 rather than
    $fd

  3. Re: automate gpg with perl

    Kai Schlamp wrote:

    > Hello ...
    >
    > I want to automate GnuPG via a Perl Script. (I am aware of the security
    > risk).
    >
    > The problem is, when I execute the stated below script, i always get the
    > output "Reading passphrase from file descriptor 3 ..." and gnupg waits
    > for an input.
    > If I just press return, I get an encrypted file, but if try to decrypt
    > it with the password in the pass.txt, it fails.
    >
    > Here is my little test script:
    >
    > open(FILE, "./pass.txt") || die($!) ;
    > $fd = fileno(FILE) ;
    > system("c:/gnupg/gpg.exe --output test.gpg --passphrase-fd $fd
    > --symmetric test.txt") ;
    > close(FILE) || die($!) ;
    >
    > And another question:
    > Is there a way to directly pass the password, perhaps in a perl pipe
    > funktion or something like that? I mean only using perl functions,
    > without the use of the shell pipe ("|").
    >
    > greets,
    > Kai


    Look at GnuPG::Interface on CPAN. You can specify input, output, error,
    status and passphrase handles and print directly to them.

    An example:

    use GnuPG::Interface;
    use IO::Handle;
    use File::Temp;

    my $gpg = GnuPG::Interface->new;
    $gpg->call('/path/to/gpg'); # May not be needed
    $gpg->options->hash_init(armor => 1,
    homedir => '/your/home/dir');
    $gpg->options->meta_interactive(0);
    # Err, stat and pass are small enough to probably be
    # safe with IO::Handle
    my ($err, $stat, $pass) = (IO::Handle->new,
    IO::Handle->new,
    IO::Handle->new);
    # In and out can be large and might cause pipe deadlocks
    # if just IO::Handle is used
    my $in = File::Temp::tempfile(UNLINK => 1);
    my $out = File::Temp::tempfile(UNLINK => 1);
    # There is also a logger filehandle option - see the docs
    my $handles = GnuPG::Handles->new(stdin => $in,
    stdout => $out,
    status => $stat,
    stderr => $err,
    passphrase => $pass);
    # In and out should not be opened by GnuPG::Interface - just used
    $handles->options('stdout')->{direct} = 1;
    $handles->options('stdin')->{direct} = 1;
    my $pid = $gpg->verify(handles => $handles);
    print $pass 'this is the passphrase';
    close($pass);
    print $in 'this is the pgp signed message';
    close($in);
    # You can check $err and $stat for error/success messages
    close($err);
    close($stat);
    waitpid($pid, 0);
    seek($out, 0, 0);
    # Do whatever you want with the output

    MB


+ Reply to Thread