Using OpenPGP Encryption Within Perl
There are a few perl modules and tools out there that can be used to encrypt data using PGP or GPG. Most of them require that the end user have an actual pgp or gpg executable program that can be accessed by a system call or an IPC pipeline. But there is one module that stands out from the rest.
Crypt::OpenPGP is a pure perl implementation of the OpenPGP standard. It can support different versions of PGP and GPG encryption. Using this distribution will not require a command line program for a back-end.
Here's a short example of sending an outgoing message that will be signed using an existing GPG key.
#!/usr/local/bin/perl # # Includes use Mail::Internet; use Crypt::OpenPGP; our $headers=[ "From: firstname.lastname@example.org", "To: email@example.com", ]; our $msg=<<EOM Thank you for filling out our survey. We will be emailing you shortly. EOM ; our $openpgp=Crypt::OpenPGP->new(Compat => "GnuPG"); our $sig=$openpgp->sign( Data => $msg, KeyID => "4FCA4C4D", Passphrase => "testphrase1", Armour => 1); $msg.=$sig; our $mailer=Mail::Internet->new($headers); $mailer->body($msg); $mailer->smtpsend(); exit 0;
One disadvantage of this method is that it requires about 15 dependency modules to be installed. There isn't a Bundle class to make the installation easy, but you can still get Crypt::OpenPGP up and running within an hour.
Chris Josephes works as a system administrator for Internet Broadcasting.
Comments on this weblog
Return to weblogs.oreilly.com.