Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re: using a pipe

by Celada (Monk)
on Dec 29, 2005 at 20:47 UTC ( [id://519870]=note: print w/replies, xml ) Need Help??


in reply to using a pipe

I don't quite understand what you are trying to do. In the first code fragment you are doing something with gpg (don't know what it is, it depends on the --option) and in the second fragment you are reading the contents of a file.

Can you reword this?

  • Where is your passphrase coming from? (your Perl script, a file, or is gpg supposed to prompt for it?)
  • What is supposed to be in the file called file? (the stuff to be decrypted? the passphrase?)
  • Where should the output go? (standard output? your Perl script should collect it?

That said, you might be interested in gpg's --passphrase-fd option. It allows you to supply the passphrase to gpg over a pipe, and without disturbing any of the stdio channels. It is the most secure option for passing a passphrase to gpg other than letting gpg prompt for it by itself.

Replies are listed 'Best First'.
Re^2: using a pipe
by drock (Beadle) on Dec 30, 2005 at 03:16 UTC
    the passphrase is coming from a file on my unix box. gpg needs it as stdin like so: cat file |gpg. the password is in the file being opened or cat'ed. the stdout goes as stdin to the gpg decryption process. I am using the --passphrase-fd 0 option, but you still need to cat the file first.

      OK, so if I understand correctly,

      • The passphrase comes from file
      • The input (ciphertext) is in a file and gpg is given this file on its command line, and
      • The output goes into another file, again directed by a command line option.

      The first thing to notice is that the cat might be unnecesary. In other words,

      cat file | gpg
      should have the same effect as
      gpg <file

      but the second is simpler and eliminates an unnecesary pipeline stage. In either case the contents of file becomes the standard input for gpg. The only reason it would matter is if for some reason gpg really insisted that the passphrase-fd be a pipe.

      If that will do, then you may be able to reduce the whole thing down to something as simple as this:

      # Open the file open(FILE, "<file") || die; # Run gpg # Notice that we are not going to bother to try to # make the file become stdin to gpg. We're just going # to tell gpg which file descriptor it's already # accessible as. system("gpg", "--passphrase-fd=" . fileno(FILE), "--decrypt", "--output", "cleartext-filename", "ciphertext-filename"); close FILE;

      That's the true intent of gpg's passphrase-fd option: to give it a file descriptor for some other file besides the three stdio ones.

        ok thank you soo much, but I am getting this error upon a manual decryption it tell me this:
        C:\Program Files\GNU\GnuPG>gpg --passphrase-fd=ohiohea1th_is --decrypt + --output decrypted.txt tstfil e.asc Reading passphrase from file descriptor 0 ... You need a passphrase to unlock the secret key for user: "derek smith" 2048-bit ELG-E key, ID 985DB557, created 2005-12-30 (main key ID 4A673 +EF3) gpg: encrypted with 2048-bit ELG-E key, ID 985DB557, created 2005-12-3 +0 "derek smith" gpg: public key decryption failed: bad passphrase gpg: decryption failed: secret key not available
        ####### and with
        --passphrase-fd= open (PASS, "+<$pass") using . fileno(PASS) I get this error: Reading passphrase from file descriptor 3 ... You need a passphrase to unlock the secret key for user: "derek smith" 2048-bit ELG-E key, ID 985DB557, created 2005-12-30 (main key ID 4A673 +EF3) gpg: encrypted with 2048-bit ELG-E key, ID 985DB557, created 2005-12-3 +0 "derek smith" gpg: public key decryption failed: bad passphrase gpg: decryption failed: secret key not available Press any key to continue . . .
        ####### I know my passphrase is right b/c I executed:
        C:\Program Files\GNU\GnuPG>echo ohiohea1th_is|gpg --passphrase-fd=0 -- +decrypt --output decrypted.txt tstfile.asc Reading passphrase from file descriptor 0 You need a passphrase to unlock the secret key for user: "derek smith" 2048-bit ELG-E key, ID 985DB557, created 2005-12-30 (main key ID 4A673 +EF3) gpg: encrypted with 2048-bit ELG-E key, ID 985DB557, created 2005-12-3 +0 "derek smith" C:\Program Files\GNU\GnuPG>dir Volume in drive C is IBM_PRELOAD Volume Serial Number is 2863-8FD9 Directory of C:\Program Files\GNU\GnuPG 12/30/2005 02:49 PM <DIR> . 12/30/2005 02:49 PM <DIR> .. 12/30/2005 02:49 PM 15 decrypted.txt
        and it worked!

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://519870]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (3)
As of 2024-03-29 05:55 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found