Re: GnuPG-0.07.tar.gz perl interface

To: debian-devel@lists.debian.org
Subject: Re: GnuPG-0.07.tar.gz perl interface
From: Brian May <bam@debian.org>
Date: 18 Oct 2000 14:48:14 +1100
Message-id: <84em1e24jl.fsf@snoopy.apana.org.au>
In-reply-to: shorty@debian.org's message of "17 Oct 00 18:09:58 GMT"
References: <84wvf98eav.fsf@snoopy.apana.org.au> <20001017200958.I19720@seteuid.getuid.de>

>>>>> "Christian" == Christian Kurz <shorty@debian.org> writes:

    Christian> May I ask if you noticed that we have
    Christian> libgnupg-interface-perl packaged in woody? I just
    Christian> wonder if this would have fitted your needs already.

libgnupg-interface seems to operate and a lower level, and makes
simple tasks difficult. For instance, to verify signatures (and obtain
the id of the signer), I used:

    my $gpg = new GnuPG(trace => 0,
      homedir => "/root/.gnupg");
    my $ret = $gpg->verify( signature => $tmp_signature, file => $tmp_file );

and the signer's id appeared as $ret->{"user"}. That is three lines of
code (not counting where I write the tmp files to disk). If I want
debug output from GnuPG, then all I do is set the trace parameter to 1.

The only real limitation with this method was it died if the signature
is invalid - I would rather my function returned an error
instead. Also, I would like to be able to tell GnuPG to find *the*
public keyring and trust database in a directory that is not writable,
however this seems to be a GnuPG limitation.


To do this with gnupg::interface, Marco d'Itri <md@Linux.IT>
suggested the following code:

    my $gnupg = GnuPG::Interface->new(gnupg_call => $PGPS);
    my ($datafile, $output, $errors) =
        (IO::Handle->new, IO::Handle->new, IO::Handle->new);
    my $handles = GnuPG::Handles->new(stdin => $datafile, stdout => $output,
        stderr => $errors);

    $gnupg->options->hash_init(
        armor => 1, textmode => 1, force_v3_sigs => 1,
        meta_interactive => 0
    );
    $gnupg->options->homedir($PGPPATH) if $PGPPATH;
    $gnupg->verify(handles => $handles,
        gnupg_command_args => [ "$filename.asc" ]);

Which is a few more then 3 lines. I wasn't positive what to do, but
guess I had to do something like this:

    print "AAAAAAAAAAAAAAA\n";
    print $datafile $file_contents;
    print "BBBBBBBBBBBBBBB\n";
    my @plaintext    = <$output>;   # reading the output
    print "CCCCCCCCCCCCCCC\n";
    my @error_output = <$errors>;    # reading the error
    print "DDDDDDDDDDDDDDD\n";
    wait;


However, when I run it:

AAAAAAAAAAAAAAA
BBBBBBBBBBBBBBB
(halts at this point)


Also, even if I fixed this problem (and probably everyone is screaming
out the solution right now ;-) ), I cannot see any easy way to extract
the name of the user that created the signature.

Also, just curious (from GnuPG.pm README):
--- cut ---
There are others perl interface to PGP and GnuPG but none of them
used the coprocess interface  provided by gpg.
--- cut ---
what is this coprocess interface?
-- 
Brian May <bam@debian.org>

Reply to:

References:
- GnuPG-0.07.tar.gz perl interface
  - From: Brian May <bam@debian.org>
- Re: GnuPG-0.07.tar.gz perl interface
  - From: Christian Kurz <shorty@debian.org>

Prev by Date: Re: questions about most
Next by Date: Re: Another solution (was Re: All services that require a restart from libc6 upgrade...)
Previous by thread: Re: GnuPG-0.07.tar.gz perl interface
Next by thread: Re: GnuPG-0.07.tar.gz perl interface
Index(es):
- Date
- Thread