[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gnupg-users
Subject:    CGI script decrypting using GPG?
From:       "Robert" <qg7l80202 () sneakemail ! com>
Date:       2003-06-23 17:16:30
[Download RAW message or body]

For a system I'm using GPG to encrypt data as users enter it and store that in a \
database.

I also need for some admistrative-type users to be able to view this data \
un-encrypted and I'm having problems writing a CGI script to do this trick.

This is on a UNIX system and my problem is that I need to give gpg 2 different pieces \
of input: the data to be decrpyted and the passphrase to use to decrypt it.

Something that Works, but is Bad is this:

echo "<data to be decrypted>" | gpg --options decrypt.conf 2< <text file containing \
passphrase>

But that means storing the passphrase in a plain text file on the server.
And that means anyone gaining root access to the server could decrypt this data.
I would rather ask the administrative-users for that passphrase (as well as a \
username and password that my CGI script would enforce), but I don't know how to pipe \
that into anything other than the standard input for GPG and I can't have the \
passphrase and the data-to-be-decrytped both piped in via stdin.

I know this is confusing, but I've been trying to make this work for a week and am \
just getting nowhere.

Thanks so much in advance!


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


[prev in list] [next in list] [prev in thread] [next in thread]