I tried using Crypt::OpenPGP but encountered some issues decrypting GPG encrypted messages. So now I'm looking for alternatives. I would like the module to be able to do its encryption/decryption entirely in memory, because we'd like to ensure that the data isn't exposed on disk at any time in an unencrypted state. The server will have a gpg of version 2.x which it seems not all modules support. Is there a good module for me to use that will work? I'm finding sifting through these modules a little hard, because there doesn't seem to be one "best" module, and they are of varying ages.
Asked
Active
Viewed 1,096 times
3
Community
- 1
- 1
xenoterracide
- 16,274
- 24
- 118
- 243
-
Have you looked into writing XS code to interface directly with libgpg? – Rob Feb 05 '13 at 15:41
-
nope, XS is confusing and not well documented in my opinion. I found a GPG wrapper that worked well enough. – xenoterracide Feb 06 '13 at 19:03
1 Answers
0
As Rob said, the best solution is to use XS.
Please have a look at this book: Extending and Embedding Perl.
That book is very good for someone who knows some C and C++ and wishes to dive into XS. Perl knowledge is also necessary.
Basically, XS is just the API Perl exposes in order for you to access all data structures:
- scalars
- globs
- hashes
- references
- arrays
- etc
XS modules have 2 sections:
- one with C or C++ code (depending on how you tell h2xs)
- one with code that's also C/C++ but with some small differences in syntax which are turned into C/C++ by xspp
You will have to write tests for your code in order to ensure that it is working as you want it to.
While writing XS I highly recommend that you use:
- gdb with a Perl compiled with debugging symbols
- valgrind to make sure you don't have memory leaks
If you may have performance concerns I recommend you use callgrind as it is one of the best tools profilers out there. You can view the output of callgrind using kcachegrind.
Your starting point is h2xs. It is an utility which generates all the boring boilerplate you don't want to deal with. In order to get some grips with h2xs read this tutorial.
Keep in mind that h2xs will generate a Makefile.PL for you, which after you run perl Makefile.PL will generate a standard Makefile. From then on you can make your module. Make sure you tell Makefile.PL to link with libpgp. Also make sure that you have the -g to compile with debugging symbols. You will get into situations where you will have to debug with gdb and debugging symbols are necessary.
In addition, here is a presentation on XS called Baby XS. It will be a very good introduction on XS.
I also suggest you get that book, it is amazing. I have used it while I was writing XS code and it has been very helpful to me(and still is).
P.S. If you don't want to deal with all of XS, you can use the more lightweight Inline::C or Inline::CPP. But you will have to go through the book mentioned above(or the official Perl XS tutorial) to know the basics of XS API.
I think you feel it's a bit hard to start, but once you learn some XS basics it will all be much easier. The advantage if you learn XS is that you're not tied anymore to someone offering support for an XS module, you will be able to write your own, or use bits and pieces from other XS modules. If you say Crypt::OpenPGP does not have the features you need, you can write your own.
