Wild card work around for GPG scripting in Windows

mac-gpg-logo[1]GPG is a fantastic encryption tool. It’s cross-platform, robust and highly scriptable. Though, under Microsoft Windows, there is one big flaw. The gpg tool does not support wild cards for input files. But there is a solution!

Here’s the scenario, you have a file you want to transmit securely over an unsecured network. Also, you want to automate the encryption of the file. To top this off, your file has a different filename at any given point. For this example we’ll say the file name changes daily to include a date stamp in the file name.

You would think this would work:

gpg -o *.pgp -r myreciepients@emailaddress.com --encrypt *

Unfortunately it does not. So how do we work around this issue? We grab the file name we want to encrypt and store it in a variable to be used in the command.

Windows batch scripting has sufficient tools to accomplish this. We’re going to grab the file name and set a variable with a little bit of scripting.

for %%a in (SuperSecret*) do set FileToEncrypt=%%a

This is going to look at all the files in the current folder that start with SuperSecret and then set it to the variable FileToEncrypt. Note: You will get very angry if you try this interactively in the cmd window. For some reason it does not work interactively. You get a funny error that doesn’t seem to properly explain the issue. Just put this in a batch file for testing, it will work that way. Also, this only works if there is one file in the current working folder called SuperSecret. For our example, the scripting is going to locate SuperSecret20130208.txt.

If you copy the above snippet of scripting and put it into a batch file called SetEncryptedFileVariable.bat and run it, you will have a variable set for your SuperSecret file. You can test this by running the script then interactively in a cmd window type echo %FileToEncrypt%. You should see your file name in the command window.

One last piece of scripting, then we’ll put this all together. Before you run this process, you will want to clear out your variable. Insert this line at the start of your batch file.

Set FileToEncryp=

This will clear the variable and ensure you don’t have old data sitting in it.

Let’s put it all together:


Set FileToEncryp=
for %%a in (SuperSecret*) do set FileToEncrypt=%%a
gpg -o %FileToEncrypt%.pgp -r myreciepients@emailaddress.com --encrypt %FileToEncrypt%

Let’s recap what this does; Line one clears the variable we’ll set later. Line two reads in all files in the folder looking for anything that starts with SuperSecret then writes what it finds to the variable FileToEncrypt. Line three does all the magic with GPG. gpg is called with an output file name set to the variable.pgp. Next gpg is told to use the public key from our recipient. Finally, we tell gpg to encrypt the file set in the variable.

By the end of all this you will have your file encrypted and you can reuse the script to repeat the process. In my case I have combined this with a secure ftp tool and automated the transmission of a file on daily basis.

Good luck!

No Comments

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

You must be logged in to post a comment.

WordPress Themes