Path: usenet.cise.ufl.edu!usenet.ufl.edu!news.fsu.edu!gatech!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!news-peer.sprintlink.net!news-pull.sprintlink.net!news-in-east.sprintlink.net!news.sprintlink.net!Sprint!199.2.96.62!news.rain.net!news.teleport.com!not-for-mail From: Russ Allbery Newsgroups: comp.lang.perl.announce,comp.lang.perl.modules Subject: ANNOUNCE: PGP::Sign 0.08 Followup-To: comp.lang.perl.modules Date: 20 Sep 1997 14:16:16 GMT Organization: The Eyrie Lines: 61 Sender: news-merlyn@gadget.cscaper.com Approved: merlyn@stonehenge.com (comp.lang.perl.announce) Message-ID: <600lrg$6f5$1@nadine.teleport.com> NNTP-Posting-Host: gadget.cscaper.com X-Disclaimer: The "Approved" header verifies header information for article transmission and does not imply approval of content. Xref: usenet.cise.ufl.edu comp.lang.perl.announce:26 comp.lang.perl.modules:887 PGP::Sign 0.08 is now available from CPAN, or from ftp.eyrie.org in /pub/software/modules (actually, it has been for a while, but this is the formal announcement). From the README: PGP::Sign version 0.08 (Create detached PGP signatures for data) INTRODUCTION One important thing to clear up right away: THIS IS NOT A GENERAL PGP MODULE For wonderful general PGP modules that will encrypt, decrypt, manage key rings, slice, dice, fold, spindle, and mutilate your data, see the PGP by-module directory at your local CPAN mirror. This module sprung out of a need to do one thing and one thing only, do it securely, and do it well. This module creates and checks detached signatures for data. That's it. If you want to do anything else that PGP lets you do, look elsewhere. The original purpose of this module was to factor out common code in a News::Article class written by Andrew Gierth that did PGPMoose signatures and signed control messages. It should now be possible to reimplement PGPMoose, signcontrol, and pgpverify using this module, and the second and parts of the first have already been done. So much for the "one thing only" part. For the "do it securely" part, this module uses a pipe and PGPPASSFD to pass the secret key password to PGP, rather than a command line flag or an environment variable as seen in other modules. Both of those are subject to snooping by other users; this approach isn't. For the "do it well" part, the interface to this module takes every form of data known to man. Scalars and arrays are no problem, of course, but if you give it a reference to an array, it'll walk the array to avoid making a copy of a potentially large data structure. You can also give it an open file (in the form of a glob, a reference to a glob, a FileHandle object, an IO::Handle object, or anything derived from either) and it'll walk that too. Or you can give it a reference to a scalar if you really want to and it's cool with that. Or, if you want to get really exciting, you can give it a reference to a sub and it'll call the sub repeatedly to get more data until the sub returns undef. Perfect for walking some complex data structure you don't want to make an internal copy of. And if there's any other interesting data structure you want to throw at it, tell me about it, and the next version will probably support that too. See the documentation for all the gory details, which really aren't that gory. At least yet. Bug reports to the above address. Share and enjoy! -- #!/usr/bin/perl -- Russ Allbery, Just Another Perl Hacker $^=q;@!>~|{>krw>yn{u<$$<[~|| 0gFzD gD, 00Fz, 0,,( 0hF 0g)F/=, 0> "L$/GEIFewe{,$/ 0C$~> "@=,m,|,(e 0.), 01,pnn,y{ rw} >;,$0=q,$,,($_=$^)=~y,$/ C-~><@=\n\r,-~$:-u/ #y,d,s,(\$.),$1,gee,print .