decrypt stdin with passphrase in

Steve Butler sbutler@fchn.com
Wed Jun 25 18:28:08 2003


>>* Robert <qg7l80202 at sneakemail.com> [2003-06-25 10:50]:
>>> Now, what I'd REALLY like to find is a way to do this without writing
>>> either the passphrase OR the encrypted block of text to disk...  My
>>> problem seems to be that I can't pipe anything FROM any stream except
>>> stdout and I can't pipe TO any stream except stdin.
>>
>>The example showed you how to use fd 3 as input -- that's the
>>"3<passfile" bit...


> I guess what I'm looking for is something like "echo 'passphrase' 3| gpg
> ...", but there is no "3|" in ksh or sh as far as I can tell...


Try the following:
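#!/bin/ksh
# Recreate the two named pipes (FIFOs): one for the passphrase, one for the data.
rm -f /tmp/my_phrase /tmp/my_file
mknod /tmp/my_phrase p
mknod /tmp/my_file p
# Writers run in the background; each blocks until gpg opens its pipe.
cat my_gpg_file > /tmp/my_file &
echo 'passphrase' > /tmp/my_phrase &
# fd 3 carries the passphrase, fd 0 (stdin) carries the encrypted data.
gpg --homedir "$gnupg_home" --passphrase-fd=3 --no-tty --decrypt \
  3< /tmp/my_phrase 0< /tmp/my_file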

Both the pass phrase and the data file will be written through pipe files.
Neither should ever show up on disk.  Both the cat and the echo will wait
until gpg reads the node (er, pipe).

In some versions of Unix, the gpg may need to run first (in the background)
as some versions want the pipe reader to open the file first as in:

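#!/bin/ksh
# Recreate the two named pipes (FIFOs).
rm -f /tmp/my_phrase /tmp/my_file
mknod /tmp/my_phrase p
mknod /tmp/my_file p
# Start the reader first: fd 3 is the passphrase, fd 0 (stdin) the data.
gpg --homedir "$gnupg_home" --passphrase-fd=3 --no-tty --decrypt \
  3< /tmp/my_phrase 0< /tmp/my_file &
cat my_gpg_file > /tmp/my_file &
echo 'passphrase' > /tmp/my_phrase &
# Block until gpg and both writers have finished.
wait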



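An added example, not part of Steve Butler's message: the reader-first variant above, with the two pipes created by mkfifo (the portable equivalent of "mknod ... p") inside a private mktemp -d directory rather than at fixed /tmp names, and removed again on exit. The function name with_private_fifos and its argument order are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: FIFO hand-off to a reader command, with the pipes kept in a
# private directory. Function name and argument order are hypothetical.

# with_private_fifos PASSPHRASE DATAFILE CMD [ARGS...]
# Runs CMD with fd 3 reading the passphrase and fd 0 reading DATAFILE's bytes.
with_private_fifos() (
    pass=$1 data=$2
    shift 2
    umask 077                          # FIFOs are created mode 0600
    dir=$(mktemp -d "${TMPDIR:-/tmp}/fifo.XXXXXX") || exit 1
    trap 'rm -rf "$dir"' EXIT          # pipes never outlive the call
    trap 'exit 1' HUP INT TERM
    mkfifo "$dir/phrase" "$dir/data" || exit 1

    # Reader first, as in the second script above; each open() blocks until
    # the other end of that FIFO is opened.
    "$@" 3< "$dir/phrase" 0< "$dir/data" &
    reader=$!
    # printf is a builtin in common shells, so the passphrase is in no argv.
    printf '%s\n' "$pass" > "$dir/phrase" &
    w1=$!
    cat -- "$data" > "$dir/data" &
    w2=$!

    rc=0
    wait "$reader" || rc=$?
    # If the reader died before opening a pipe, a writer is still blocked.
    kill "$w1" "$w2" 2>/dev/null || true
    exit "$rc"
)

# Intended use with the command from the post (needs gpg and a keyring):
#   with_private_fifos "$phrase" my_gpg_file \
#       gpg --homedir "$gnupg_home" --passphrase-fd=3 --no-tty --decrypt
```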