osf_filehandle ( ) utility
Leigh S. Jones
kr6x@kr6x.com
Thu Jun 27 04:08:02 2002
http://j1s.us/msvc6osf.zip
http://j1s.us/bc45osf.zip
Here I've prepared two microprograms. One was compiled using
Borland C++ 4.5 while the other was compiled with MSVC6.
These programs are my attempt to assist those who have been
requesting information regarding passing passphrases into gpg
programmatically but lack the compiler and/or expertise to do
the job in C.

All this program does is convert the number string representing
the file handle (the file must be open already) of the file containing
the password into an "osf file handle" and pass the new numeric
string out of stdout. This is only useful for Windows programmers.

Here's what this is all about:

Werner used MingW32 (isn't this also a Werner creation?) to
compile GnuPG 1.0.6/MingW32. One of the characteristics of
this combination is to make the Windows version of gpg fluent in
the "operating system filehandles" that Windows uses rather than
the file descriptor numbers that are returned by the functions that
open pipes, files, ports, etc.

If one were to write a passphrase to a file, then open the file for
reading in Linux using a low-level file handling function (as
opposed to a function that returns a file pointer, the low-level
functions return an integer representing the file), it would be
possible to pass the file descriptor integer to the Linux version
of gpg on the command line as text that follows the
--passphrase-fd option. The file is then read by gpg to get
the passphrase (but it must be closed and perhaps deleted by
the calling process).

On Windows, the same thing happens, but the number being
passed on the gpg command line has to be converted. Hence
the program below.

Well, this doesn't solve all of your programming problems.
These methods need to be recognized for their lack of
security and handled with the utmost of care in order to
avoid compromising your secret key. And I'd like to
suggest that a C program that opens pipes and passes
osf file handles for the ends of the pipes is much more
secure.

The program does not accept pipelining the input -- the
file descriptor number must be a decimal number on the
command line.
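
#include <stdlib.h>
#include <stdio.h>
#include <io.h>

int main ( int argc, char* argv[ ] )
{
    int fdPassphrase;
    long osfPassphrase;

    /* The C runtime file descriptor must be given as a decimal argument. */
    if ( argc < 2 )
    {
        printf ( "-1" );
        return ( -1 );
    } /* end if ( argc < 2 ) */
    else
    {
        fdPassphrase = atoi ( argv[ 1 ] );
    }/* end else */

    /* Map the descriptor to the operating system file handle. The result is
       pointer-sized on current compilers, so cast it to match the %ld
       conversion; -1 means the descriptor was not valid. */
    osfPassphrase = (long) _get_osfhandle ( fdPassphrase );
    printf ( "%ld", osfPassphrase );
    return 0;
}/* end main ( ) */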
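
The pipe approach suggested above, shown for the POSIX case the post describes, where the descriptor number goes to --passphrase-fd unchanged. This is an added example, not the author's code: `run_with_secret_fd`, `MAX_SECRET`, `message.gpg` and the passphrase are assumptions made for illustration. On Windows the number would still need the `_get_osfhandle` conversion.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_SECRET 512   /* POSIX guarantees at least this much pipe buffer */

/* Hypothetical helper, not from the post: run argv[0] with a pipe holding
 * `secret` as an inherited descriptor whose decimal number is stored in
 * argv[fd_slot]. Returns the child's exit status, or -1 on error. */
int run_with_secret_fd(char *argv[], int fd_slot, const char *secret)
{
    int p[2], status;
    char fdtext[16];
    size_t len = strlen(secret);
    pid_t pid;

    if (len > MAX_SECRET || pipe(p) != 0)
        return -1;
    /* Fill and close the write end before forking: the child inherits only
     * the read end and sees the secret followed by end-of-file. */
    if (write(p[1], secret, len) != (ssize_t)len) {
        close(p[0]); close(p[1]);
        return -1;
    }
    close(p[1]);
    snprintf(fdtext, sizeof fdtext, "%d", p[0]);
    argv[fd_slot] = fdtext;

    pid = fork();
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);                       /* exec failed */
    }
    argv[fd_slot] = NULL;                 /* fdtext goes out of scope on return */
    close(p[0]);                          /* parent no longer needs the read end */
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* Constructed sample values: file name and passphrase are placeholders. */
    char *argv[] = { "gpg", "--batch", "--passphrase-fd", NULL,
                     "--decrypt", "message.gpg", NULL };
    return run_with_secret_fd(argv, 3, "constructed-passphrase");
}
```

The passphrase never reaches the disk or the command line; only the descriptor number appears in the argument list.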