GPG detection on Windows?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Everyone, I'm designing an application that will run on Windows and utilize GNUPG. Right now, I'm detecting if GPG is installed by calling it then parsing the output of the command to see if it succeeded or failed. This is VERY messy and not my preferred way. Does GPG4Win install anything to the registry that I could check for to see if it's installed? Thanks, Anthony - -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:cajuntec...@iptel.org XMPP:cypherp...@patts.us Website: www.cajuntechie.org PGP Key: 0x53B04B15 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJR6CLAAAoJEAKK33RTsEsV+IQP+gKv6yIZuh1fx2zTA9/7+6RE G6+8+35szeQ3zCkGsGgFkzeDlSlgffeUekmMnaEZk2K7i0L0SDh1ddAfkuXufJez iw12drHrKqx4svwSKMPRFZJAlr7nL/a7Fl91cKCplOn90fodekB7O8caZGM4mskB eRRZPBOs+f4Kx/zFZONEbjcxnIksuqD3W+hspPQaF+99xYMMS2B2WitPSMj3dzXg DVo1eKwAbYvln5gmgLw0CAoSI6iVWC2hQeX+6mlVUPWrOZrA/yfGBhlKWz8JEIsS h05UXXeDOa/bSUL8iuoqX0JqOs/MJrHyKabf9EDTSugIazfqCodC9ZKYYdFFTjZG IhFH0kArOjhCU2FstkfqK9jYzASYa6/v29hhh17piu88rTlqAnGHYxQLMXHp0qLD P7IhsUXp2FGoSeXJ5Igo/MpQ5E9J3O2fPniREK2PzZRUpRkItlnqjZP6W96xuHS8 E7AbrOZK4mzYupnWZhbW4zLIH/c2nHSFMRBK00e4EmIEovAUcTPJaWUlDFUeF7Dj v44Ac6ipfmK4adSugkwqpz5royPal4QkgouueMabWlJbwSK2CzInswwmiMww7Lad 5yHerAIEDN7XSGNxW8KzDuR1lxoZwqs6pC1n4MRzVaJ0edMwe2BHh8Ydo0JyPRFZ zSsS3Fv3fN6U0sJE3qRP =6yl1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: searching for keys: hkpms
Hi, I reuse the thread as this topic is quite related. From the parcimonie [1] manual one sentence hit my brain: if using hkps:// (which would be our second choice behind hkpms://). To be honest, this is the first time I heard of hkpms, despite I am a reading some lists and try to keep up with security topics. As Wikipedia has no article [2] on this yet by this (eventually I find time in some quite night hour) I try to summarize my finding in case others find this useful or are keen to add something. [1] https://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/ [2] http://en.wikipedia.org/wiki/HKPMS This the parcimonie manual does say: hkpms:// We recommend using hkpms; see http://web.monkeysphere.info/ for details. When a hkpms:// keyserver is being used, one needs to do two additional steps since gpgkeys_hkpms does not work in the torsocks wrapped environment parcimonie uses by default to run gpg. Torify gpgkeys_hkpms Just add the following line to gpg.conf: keyserver-options http-proxy=socks://127.0.0.1:9050 Hey, parcimonie, gpg is already torified Pass the --gnupg-already-torified switch to the parcimonie daemon command-line. parcimonie will then rely on the keyserver-options previously added to gpg.conf, and won't attempt to torify gpg connections itself. http://www.gossamer-threads.com/lists/gnupg/users/60543 in the nearer term, you could also use msva-perl with hkpms (if you want to verify remote hosts via the OpenPGP web of trust). https://tails.boum.org/contribute/design/ Monkeysphere's hkpms:// support will be used as soon as possible in place of the hierarchical X.509 certification model. hkpms is available in Debian: msva-perl http://packages.debian.org/jessie/msva-perl Cryptographic identity validation agent The Monkeysphere Validation Agent offers a local service for tools to validate certificates (both X.509 and OpenPGP) and other public keys. This package contains a perl implementation of a Monkeysphere http://web.monkeysphere.info/FAQ/ In addition, this project being what it is, there is now also a Monkeysphere-enabled hkps (hkpms) module provided with the Monkeysphere validation agent package (msva-perl in Debian). This uses the users monkeysphere validation agent, if running, to confirm the identify of the keyserver. The Monkeysphere developers have signed the host key of keys.mayfirst.org¸ so if you have a trust path to the Monkeysphere developers you can try using hkpms://keys.mayfirst.org. I found that Kristian's key is signed for hkpms too, while the manual also recommends to use a different pool server for parcimonie than for daily requests. You may want parcimonie to use a different keyserver than the one your usual GnuPG invocations do. This can be achieved by passing to parcimonie a command-line option such as: --gnupg-extra-arg --keyserver=hkps://zimmermann.mayfirst.org pub 4096R/40F3D015 2012-10-06 hkps://keys.kfwebs.net hkpms://keys.kfwebs.net https://keys.kfwebs.net hkps://hkps.pool.sks-keyservers.net hkpms://hkps.pool.sks-keyservers.net https://hkps.pool.sks-keyservers.net Fingerprint=29D2 ED98 74EE 2B60 3CE3 648E 8BF5 AD41 40F3 D015 To use hkpms with the above I add to ~/.gnupg/gpg.conf keyserver hkpms://hkps.pool.sks-keyservers.net keyserver-options http-proxy=socks://127.0.0.1:9050 $ gpg --search cia gpg: searching for cia from hkpms server hkps.pool.sks-keyservers.net gpgkeys: protocol `hkpms' not supported gpg: no handler for keyserver scheme `hkpms' gpg: keyserver search failed: keyserver error Of course! How should gpg know how to handle monkeysphere requests if it is not installed. So we need to install msva-perl. $ gpg --search cia Requesting a socks proxy for hkpms, but LWP::Protocol::socks is not installed. This will likely fail. Received 'ca-cert-file=/etc/ssl/certs/sks-keyservers.netca.pem' as an option, but gpgkeys_hkpms does not implement it. Ignoring... HTTPS error: 501 Protocol scheme 'socks' is not supported Currently msva-perl recommends liblwp-protocol-socks-perl but I usually drop recommendations by config due to limited disk space. So I also installed liblwp-protocol-socks-perl (maybe it should become a dependency of msva-perl in future versions). $ gpg --search cia gpg: searching for cia from hkpms server hkps.pool.sks-keyservers.net gpg: error reading key: public key not found Monkeysphere HKPMS Certificate validation failed: Failed to validate https://hkps.pool.sks-keyservers.net; through the OpenPGP Web of Trust. HTTPS error: 500 Can't call method http_configure on an undefined value gpg: key cia not found on keyserver This often puzzles me with gnupg. Gpg tells 'public key not found' which in the first place confuses me to think that no key CAN
Re: GPG detection on Windows?
On Thu, 18 Jul 2013 12:15:51 -0500 Anthony Papillion articulated: I'm designing an application that will run on Windows and utilize GNUPG. Right now, I'm detecting if GPG is installed by calling it then parsing the output of the command to see if it succeeded or failed. This is VERY messy and not my preferred way. Does GPG4Win install anything to the registry that I could check for to see if it's installed? The software details installed in a PC is found in the registry in the location HEKY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall . You can use the following code to get the list of software programs installed in the system. You can determine whether it is latest using the InstallDate key in the registry. /// summary /// Gets a list of installed software and, if known, the software's install path. /// /summary /// returns/returns private string Getinstalledsoftware() { //Declare the string to hold the list: string Software = null; //The registry key: string SoftwareKey = @SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall; using (RegistryKey rk = Registry.LocalMachine.OpenSubKey(SoftwareKey)) { //Let's go through the registry keys and get the info we need: foreach (string skName in rk.GetSubKeyNames()) { using (RegistryKey sk = rk.OpenSubKey(skName)) { try { //If the key has value, continue, if not, skip it: if (!(sk.GetValue(DisplayName) == null)) { //Is the install location known? if (sk.GetValue(InstallLocation) == null) Software += sk.GetValue(DisplayName) + - Install path not known\n; //Nope, not here. else Software += sk.GetValue(DisplayName) + - + sk.GetValue(InstallLocation) + \n; //Yes, here it is... } } catch (Exception ex) { //No, that exception is not getting away... :P } } } } return Software; } //EXAMPLE USAGE: private void get_software_list_button__Click(object sender, EventArgs e) { MessageBox.Show(Getinstalledsoftware()); } -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG detection on Windows?
On 07/18/2013 05:15 PM, Anthony Papillion wrote: Hello Everyone, I'm designing an application that will run on Windows and utilize GNUPG. Right now, I'm detecting if GPG is installed by calling it then parsing the output of the command to see if it succeeded or failed. This is VERY messy and not my preferred way. Does GPG4Win install anything to the registry that I could check for to see if it's installed? Yes. Just fire up regedit and search for gnupg (or maybe just gnu). There are also the folder / files in: %ProgramFiles%\GNU\GnuPG You probably just want to test whether either of these files are there since them or one of the others is what you are using: %ProgramFiles%\GNU\GnuPG\pub\gpg.exe %ProgramFiles%\GNU\GnuPG\pub\gpg2.exe ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG detection on Windows?
On Thu, Jul 18, 2013 at 10:23 PM, Henry Hertz Hobbit hhhob...@securemecca.net wrote: You probably just want to test whether either of these files are there since them or one of the others is what you are using: %ProgramFiles%\GNU\GnuPG\pub\gpg.exe %ProgramFiles%\GNU\GnuPG\pub\gpg2.exe Protip: you can change the install location! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users