Detached signature as a pass-through filter?

Michael Young mwy-gpg41 at the-youngs.org
Mon Aug 11 23:21:02 CEST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Shaw suggested:
> Why not use "tee"?  That's the standard resource for constructing a
> pipeline when a command consumes data.
> 
> echo "foo" | tee tempfile | gpg --detach-sign -o sigfile.gpg ; cat tempfile

Using a regular "tempfile", there are two reasons: this requires
storage for the intermediary result (which may be large); and, the
second command doesn't get started until the output is complete.  The
same thing can be accomplished without "tee" at all:
    echo "foo" > tempfile
    gpg ... < tempfile
    <tempfile other_commands...
    rm tempfile   # need to clean up afterwards, too

I really was looking for a streaming solution.

John Clizbe suggested:
> using tee to split the output stream before you pipe to gpg would be the
> standard way to do it (I'm sure named pipes & file descriptors could be
> woven in some way)

Yes, "tee" combined with a FIFO should work, but it's not very portable.

I could always write my own "tee" that emits to additional file descriptors
(rather than files), and do descriptor redirections.  This may be slightly
more portable (e.g., *might* work on Cygwin).  Or, I could hack a private
version of GnuPG that does what I want -- that would be portable, but it
adds an upkeep burden (as GnuPG changes, I'd like to follow).

Again, I was just hoping that I could get GnuPG to act as a passthrough.
It seems not.  Thanks for the responses, though!

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQA/AwUBPzf63ec3iHYL8FknEQId+gCg/QrnIBfuXS21W4AaHXOddDoB5Q0An1mn
zdcAQhCCvkM75iWBj2H7dFI4
=RJ3u
-----END PGP SIGNATURE-----






More information about the Gnupg-devel mailing list