in reply to extracting original from gpg clearsigned file

This is heading somewhat offtopic (Perl :-), however...
You should read man gpg. STFW for information on file signing and how it all works.
Understand the way everything works and have another stab at this.
You might find it easier to do this on the command line with a couple of dummy files, then once you have it working, figure out how to achieve the same thing with Perl.

Essentially what you're attempting to do is: 

gpg --verify sigfile signed-files

[download]
Where the result from gpg --clearsign random_tarfile is the 'sigfile' (random_tarfile.asc), and the random_tarfile (which is the 'signed-file(s)') remains unchanged.

Replies are listed 'Best First'.
Re: Re: extracting original from gpg clearsigned file
by jmarans (Novice) on Jan 18, 2002 at 20:50 UTC
    You're right, I haven't absorbed much of the gpg man pages,
    although I have the perl version of gpg->verify()
    working. I can command line extract the original tar
    file from a .gpg signed file with gpg -d -o fn.tar.gpg fn.tar.gpg

    What I've been trying unsuccessfully to do now is
    gpg->decrypt() .gpg files ranging in size from 100k
    to 12 meg.
[reply]

In Section Seekers of Perl Wisdom