Can gnu pg be controlled from a program that talks to it via stdin, stdout

Enzo Michelangeli em at who.net
Mon Mar 20 19:37:30 CET 2000


----- Original Message -----
From: "Fernando, Robert (ELSLON)" <Robert.Fernando at chemweb.com>
To: <gnupg-devel at gnupg.org>
Sent: Monday, March 20, 2000 18:14
Subject: Can gnu pg be controleed from a program that talks to it via
standin , stadout


> > Hi all,
> >
> Is there an example / commands that allow privacy guard to work via
> stdin / stdout so that an automated system can verify a public key
> encrypted file is valid.

If it is encrypted, you probably want to decrypt it (not verify it), which
requires access to the recipient's private key. If that is protected by the
passphrase, you may send it to stdin before the encrypted message if you use
the options "--batch" and "--passphrase-fd 0". The following simple example
outputs to stdout the plaintext recovered from message.asc, assuming that
the passphrase is "secret word":

 (echo "secret word"; cat message.asc) | gpg --batch --passphrase-fd 0

(the file descriptor "0" stands for stdin).
In a real life application you probably will not want to hardcode the
passphrase in the script; for better security, you might have a daemon
receiving the passphrase from console at startup, keeping it somehow
scrambled in RAM, and piping it to gpg's stdin when required (after
launching gpg as child process).

The option "--logger-fd" may be used to intercept the strings normally sent
to stderr.

Cheers --

Enzo
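
Added example, not part of the original message: the child-process approach described above, sketched in Python with the passphrase on a dedicated pipe instead of stdin, so stdin carries only the ciphertext, and with --logger-fd pointed at a second pipe. The helper names are hypothetical; --pinentry-mode loopback is what GnuPG 2.1 and later need before they accept --passphrase-fd, and must be dropped for 1.x.

```python
import getpass
import os
import subprocess
import threading

def gpg_decrypt_argv(pass_fd, log_fd):
    """gpg command line: passphrase read from pass_fd, log text sent to log_fd."""
    return ["gpg", "--batch",
            "--pinentry-mode", "loopback",  # GnuPG 2.1+ needs this for --passphrase-fd
            "--passphrase-fd", str(pass_fd),
            "--logger-fd", str(log_fd),
            "--decrypt"]                    # ciphertext on stdin, plaintext on stdout

def run_with_passphrase(make_argv, passphrase, data):
    """Run the child from make_argv(pass_fd, log_fd); return (exit code, stdout, log)."""
    pass_r, pass_w = os.pipe()              # passphrase never touches argv or env
    log_r, log_w = os.pipe()
    try:
        proc = subprocess.Popen(make_argv(pass_r, log_w), stdin=subprocess.PIPE,
                                stdout=subprocess.PIPE,
                                pass_fds=(pass_r, log_w))  # POSIX only
    except OSError:
        os.close(pass_w)
        os.close(log_r)
        raise
    finally:
        os.close(pass_r)   # the parent keeps only its own pipe ends
        os.close(log_w)
    log = []
    def drain():           # read the log concurrently so a chatty child cannot stall
        with os.fdopen(log_r, "rb") as f:
            log.append(f.read())
    reader = threading.Thread(target=drain)
    reader.start()
    try:
        os.write(pass_w, passphrase + b"\n")
    except BrokenPipeError:
        pass               # child exited before reading; its exit code reports why
    finally:
        os.close(pass_w)
    out, _ = proc.communicate(data)
    reader.join()
    return proc.returncode, out, b"".join(log)

if __name__ == "__main__":
    secret = getpass.getpass("Passphrase: ").encode()
    with open("message.asc", "rb") as fh:
        rc, plain, log_text = run_with_passphrase(gpg_decrypt_argv, secret, fh.read())
    print((plain if rc == 0 else log_text).decode(errors="replace"))
```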




