dealing with password in batch file
Henry Hertz Hobbit
hhhobbit7 at netscape.net
Tue Apr 25 08:09:06 CEST 2006
On 21 Apr 2006 Trevor Smith <trevor at haligonian.com> wrote:
>On 21-Apr-06, at 3:11 PM, Sean Cerney wrote:
>> I've been decrypting xml files for a while now with a batch file
>> that converts the pgp file into an xml file with a timestamp.
>> The thing is I always have to manually enter the password each time
>> I run the batch file. I want to
>> Any suggestions? Thank you.
>Sorry, I'm not 100% sure what you're trying to do (I couldn't see any
>actual gpg stuff in your batch file, but it's been about a hundred
>years since I've seen a .bat file so I could be missing the
>obvious...), but if you're trying to automate passphrase entry into a
>batch file, here is what I have used in a Unix (or, rather, Linux and
>Mac OS X, actually) bash shell script:
>gpg --passphrase-fd 3 "$FILE" 3<$pwfile
>where $FILE is the file to be decrypted and $pwfile is a variable
>that is set to some arbitrary file name that contains the passphrase.
>What the above does is (after you create a temporary file with the
>passphrase in it) tell gpg to read the passphrase from "file
>descriptor 3" and the last bit (3<$pwfile) tells Unix to redirect the
>file, $pwfile, into file descriptor 3.
>Obviously you need to modify this somewhat to run on DOS (or Windows,
>or whatever it's called these days) but it may point you in the right
You will have to modify it more than just a little. All that can be redirected in Script files (what used to be called batch files) is just STDIN and STDOUT (<, >). I don't even know a way to redirect STDERR. Please correct me if I am wrong. I tried it for a long while and gave up. It just didn't know what 2> meant. You will most likely have to write it in either a VBScript or a JScript tool (I strongly advise using VBScript). In them you have enough power to open up a file, read in the password, close the file and delete the file contaning the password immediately after reading in the password. In reality, I wouldn't even use VBScript. I would use C and compile it. The code size is about the same and it runs much faster and you have more control. You won't even need to worry about File Descriptor 3 - you will embed the everything in a system() function call with the password embedded into the command. I use the Mars compiler
Your mileage will vary. I assume you know where all of the VBScript stuff is. I just don't think you can do it in batch because cmd.exe just isn't powerful enough to handle the redirect of FD-2 (STDERR), much less FD-3.
A lot of people working with very powerful Linux shells (ksh, sh, bash, etc.) just don't know how weak Windows Shell scripting is. I used to update all kind of stuff with a huge project (was working with cross compilers for the Hobbit and Intel chips of Pen systems) and finally gave up and demanded that they give me a Turrible-C compiler to do all of it. At least with that I had findfirst(), findnext() to read the dir, etc and do things accordingly. The updates were so convoluted with dirs coming into existence and going out of existence that I finally had to use recursion to handle all of the stuff.
Switch to Netscape Internet Service.
As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register
Netscape. Just the Net You Need.
New! Netscape Toolbar for Internet Explorer
Search from anywhere on the Web and block those annoying pop-ups.
Download now at http://channels.netscape.com/ns/search/install.jsp
More information about the Gnupg-users