Is it possible to force gpg to do in-place encryption? In other words, to overwrite the source (unencrypted) file with encrypted data?
This is how ccrypt(1) operates by default.
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is it possible to force gpg to do in-place encryption? In other words, to overwrite the source (unencrypted) file with encrypted data?
This is how ccrypt(1) operates by default.
The answer is basically no, not without custom code.
gpg can operate on pipes, so if there were an easy way to destructively send data to a pipe, this might be doable. But there isn’t.
Another idea to keep from using up the disk quickly is encrypt chunks at a time (in custom software).
It appears that ccrypt is able to operate in-place because the encrypted data is the same length as the decrypted data (I know little of crypto, but this might just be a general property of block ciphers). GPG/PGP does stuff like compressing and adding headers, so the output data won’t be the same length. If it is shorter, no problem (the above custom code should work). If it is longer, more work would need to be done to place overflow somewhere else.
This custom code adds complexity (and obscurity) to encryption and decryption.