Thanks for the input I'll use that a lot and let you know how it goes if it ever gets to go at all!!
Thanks, Dan > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Friday, March 21, 2003 12:26 PM > To: Dan Muey; [EMAIL PROTECTED] > Subject: RE: encdypt/decrypt files > > > > ------------------------------------------------ > On Fri, 21 Mar 2003 10:54:12 -0600, "Dan Muey" > <[EMAIL PROTECTED]> wrote: > > > Hello list, > > > > I am looking into being able to encrypt, symetrically, a > file, text, > > images, hopefully > > basically any type of file binary or ascii and save it to disc. > > > > then I need to be able to unencypt it to view it. > > I've looked into the Digest::MD5 and Crypt::Blowfish modules a bit. > > > > In general the above are pieces of a larger puzzle, that I > would suggest avoiding directly. As a good starting point I > would point you in the direction of OpenPGP, in general the > GnuPG implementation of it. This is a validated and popular > encryption system, that is free, both beer and speech. > Conveniently there are also 4 Perl modules built as either an > interface to the gnupg executable or as a "pure" Perl > replacement of that program. > > > Ok so here's my questions :: > > > > Is there a way to store some file info in the encrypted file? > > (Like Content-type and original name) > > > > For instance say I have a gif encrypted as file1.encrypt. > > It would be nice to have a script that could unencypt > it, see that > > it was a gif and then display it in a browser with the > appropriate > > headers, IE "Content-type: image/gif\n\n". > > > > I believe (because it has caused us problems :-)) that the > gnupg program stores the original file name, and may provide > a means for accessing further information about the file. > > > Or original file name so you could unencrypt it and > write it to file > > with the original name? > > > > See above. > > > Any advice on the pros and cons of the different encyption related > > modules? > > Two of the modules I alluded to above we were successful at > testing in part of our system (though we ended up not being > able to use any of them for reasons unrelated to their > abilities). They are: > > Crypt::OpenPGP - Written in Perl using numerous other Perl > modules to simulate OpenPGP (with a gnupg compatibility setting) > > GnuPG::Interface - An elegant implementation of calling gnupg > from the command line, requires gnupg to be installed on the > local system. > > Two other modules exist, one of which uses a deprecated > feature of gnupg that we had to avoid (and should probably be > avoided and is replaced by the module mentioned above), the > other failed to install because of a dependency problem, one > we specifically wanted to avoid. > > > Experience, advice , etcc.. > > > > I know this will vary betwwen modules but how would I go about > > handling ascii files vs binary files? > > > > This does vary I would imagine, though any package should > handle them in such a way that it is hidden from you (aka > nothing you should worry about). > > > Sorry if this is too vague, I'm really really new to doing > this with > > entire files. Any pointers to resources would be appreciated too. > > > http://www.gnupg.org is probably a good place to start. It is available for most platforms. gnupg also integrates well with other applications, such as mozilla, other mail clients, etc. There is also a 'crypto' Perl mailing list specifically for this topic, though it is low traffic. http://www.openpgp.org/ Let me know if you have any questions, etc. I am definitely not an encryption expert, and have only dealt with 2 forms of encryption, one of which is old, unsupported, and generally beyond its time (we still have to support it though, grr..) and OpenPGP, I am sure there are other good encryption systems out there as well. http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
