How can I extract the --embedded-filename for scripting?
Hi guys, in a script in a specific situation I use embedded filenames for decrypting (as in gpg -v --use-embedded-filename file.gpg). For this script I need to know the name of the resulting unencrypted file, because I want to check headers on this file and extract if it's a compressed file format. I don't see any way to get the file name within the script. My idea was to take the text output of gpg -v --use-embedded-filename file.gpg to a file via , but this is not possible, because it displays text on the console of course, as I have to enter a passphrase... Do you see any way to get the embedded file name for variables? TIA Michael ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
I forgot to mention the GNUPG version: It's 1.4.13 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
Do you see any way to get the embedded file name for variables? I see two options. One: get the name before you write the decrypted file. Since the name is obviously encrypted, you do need your private key. $ gpg --with-colons --list-packets foo.gpg :pubkey enc packet: version 3, algo 1, keyid 26F7563E73A33BEE data: [2043 bits] :encrypted data packet: length: 86 mdc_method: 2 gpg: encrypted with 2048-bit RSA key, ID 73A33BEE, created 2009-11-12 Peter Lebbing pe...@digitalbrains.com :compressed packet: algo=2 :literal data packet: mode b (62), created 1368011777, name=Hi Michael, raw data: 16 bytes I created a file named Hi Michael filled with 16 bytes of randomness. Two: get the name from status-fd during writing the decrypted file. $ gpg --status-fd 1 --use-embedded-filename foo.gpg [GNUPG:] ENC_TO 26F7563E73A33BEE 1 0 [GNUPG:] CARDCTRL 3 gpg: encrypted with 2048-bit RSA key, ID 73A33BEE, created 2009-11-12 Peter Lebbing pe...@digitalbrains.com [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_INFO 2 7 [GNUPG:] PLAINTEXT 62 1368011777 Hi%20Michael [GNUPG:] PLAINTEXT_LENGTH 16 [GNUPG:] DECRYPTION_OKAY [GNUPG:] GOODMDC [GNUPG:] END_DECRYPTION HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
Maybe I didn't read your message well enough before I answered. You said you couldn't use standard out. This is a crude way to get the status-fd stuff in a file as you mention: $ gpg --status-fd 3 --use-embedded-filename foo.gpg 3foo.status You need a passphrase to unlock the secret key for user: [...] 2048-bit RSA key, ID [...] gpg:encrypted with 2048-bit RSA key, ID [...] $ cat foo-status [GNUPG:] ENC_TO [...] 1 0 [GNUPG:] USERID_HINT [...] [GNUPG:] NEED_PASSPHRASE [...] [...] 1 0 [GNUPG:] GOOD_PASSPHRASE [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_INFO 2 9 [GNUPG:] PLAINTEXT 62 1368012643 Hi%20Michael [GNUPG:] PLAINTEXT_LENGTH 16 [GNUPG:] DECRYPTION_OKAY [GNUPG:] GOODMDC [GNUPG:] END_DECRYPTION Since my own key is on a smartcard, I couldn't use it to test the ask for password on the console thing, so I used a test key which I don't want to reveal as it's a spam honeypot key. Bash scripting can do much nicer things with fd's than just throwing the output in a file. By the way, you never mentioned the platform you're working on. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
HOLD ON - IT WORKS! Peter Lebbing: $ gpg --status-fd 3 --use-embedded-filename foo.gpg 3foo.status | %GNUPGHOME%gpg.exe --status-fd 2 --use-embedded-filename %1 2%temp%\out.txt produces an out.txt with the desired contents, which I can grep out :-) -- [GNUPG:] PLAINTEXT 62 1368014323 ~20130508135842.ff0fcb7.tmp.7z MANY MANY THANKS, Peter. Best regards Michael ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting [GishPuppy]
You do not indicate OS.
Windows NT 5.x+ OS script:
GPG -v --use-embedded-filename file.gpg 2$$$.tmp
FOR /F tokens=2 delims=' %%I IN ('FIND gpg: original file name ^$$$.tmp')
DO (
@SET origFilename=%%I
DEL $$$.tmp
)
ECHO;%origFilename%
Gishpuppy | To change the delivery settings for this email, click here:
http://www.gishpuppy.com/cgi-bin/edit.py?email=gmane@gishpuppy.com
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
On 08/05/13 14:03, Michael Scheer wrote: HOLD ON - IT WORKS! | %GNUPGHOME%gpg.exe --status-fd 2 --use-embedded-filename %1 2%temp%\out.txt 2 is standard error (at least, I suppose Windows does that too), so it will be mixed with any other output to stderr. On Linux, I see the gpg: encrypted with... message on stderr together with the status-fd output. Depending on the buffering chosen for standard error, it might be racey: if some other message mingles with [GNUPG:] PLAINTEXT... it might become unreadable for your script. Somebody with good Windows scripting knowledge might be able to help you keep it separate. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I extract the --embedded-filename for scripting?
On Wed, 8 May 2013 13:36, pe...@digitalbrains.com said: couldn't use standard out. This is a crude way to get the status-fd stuff in a file as you mention: $ gpg --status-fd 3 --use-embedded-filename foo.gpg 3foo.status That is not crude but a standard Unix pattern. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
