Search code examples
perlopensl

Capturing SSL output using backticks Perl

I might be looking at this to simply and I am not sure what I want to do is possible but this hopefully will save a lot of time from having to read in and out to different files.

I am trying to do is use backticks to receive the output of an OpenSLL exe which will encrypt a certain part of a string. Then use the output to add it into another file. OpenSLL will automatically output to a text file.

For example:

Sample text: 1234, test text
ID- 1234, 
Encrypted text- test text

Will then be 

ID- 1234, 
Returned encrypted text- **&&**&&
And then be output to a file
1234, **&&**&&

I know this can be done by reading in and parsing the encrypted text and then appending the output to a new file but as I am looking to do this for 100 or 1000 lines I was hoping to avoid this as it will be a lot of extra processing.

Hopefully you can see my idea and if anyone could help it would be gratefully appreciated.

#!/usr/bin/perl -w
use strict;

my $OpenSLLFile = "\\openssl.exe";

my $publickey = "public.pem";
my $privatekey = "private.pem";
my $inputtext = "output.txt";
my $outputtext = "abcd.txt";
my $compID = "1232";

my $encryptiontext = "openssl rsautl -encrypt -pubin -inkey $publickey -in $inputtext -out $outputtext";
my $decryptiontext = "openssl rsautl -decrypt -inkey $privatekey -in encrypted.txt -out plaintext.txt";

#Idea 1
#my $test = `$encryptiontext`;

#Idea 2    
#my $test = system ("$encryptiontext");

#Idea 3
`$encryptiontext`
my $test =  $?;

open (outputtest, '>>outputtest.txt') or die "$!";

my $a = "$compID, $test";

print outputtest "$a\n";

close(outputtest);
Solution

  • The openssl commands you're piecing together are writing to certain output files (the ones after the -out parameter). So you have two choices if you want to get to the output:

    1. read the output from the file openssl has written to
    2. let openssl write to the standard output and capture that directly in Perl with the backticks operator.

    The second version avoids temporary files and all the hassle associated with it (e.g. having to delete them, failure or not; making sure no decrypted content stays somewhere in the file system where other users can read it etc etc).

    This should be trivial by removing the -out ... parameters from the commands. Then you can capture the text like in your idea:

    my $encrypt_commnad = "openssl rsautl -encrypt -pubin -inkey $publickey -in $inputtext";
my $encrypted_text  = `$encrypt_command`;