Re: New GnuPG mirror

2012-07-31 Thread Sam Whited

On 07/28/2012 03:20 PM, HardKor wrote:
> I just set up a mirror of the GnuPG website.
> 

I was considering running a GnuPG mirror for a while, but couldn't
find any information about where (geographically) they needed mirrors,
how often they recommended syncing, or where to pull from (presumably
there is an rsync server somewhere?).

Is there a page on the GnuPG site somewhere that discusses setting up
and running a mirror or a mirror-maintainers mailing list?

Best,
Sam

P.S. Damn Thunderbird interface; one of these days I'll actually hit
"Reply List" on the first try. Sorry, you'll be getting two of these
HardKor.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: New GnuPG mirror

2012-07-31 Thread Sam Whited

On 07/31/2012 11:04 PM, Sam Whited wrote:
> where to pull from (presumably there is an rsync server
> somewhere?).


Right after spamming the list I realized that the ftp server probably
also handled rsync. Other recommendations are still welcome though.

—Sam


-- 
Sam Whited
pub 4096R/EC2C9934

SamWhited.com
s...@samwhited.com
404.492.6008


Re: gpg "simplified"?

2012-07-31 Thread Robert J. Hansen
On 7/31/2012 8:17 AM, peter.segm...@wronghead.com wrote:
> Correct me if I'm wrong, but it is unreasonable to expect anybody
> to successfully and safely use gpg without understanding the
> concepts and mastering the skills essential to the WOT:

This is not at all the case.

Set up a trusted introducer/certificate authority and presto, bang,
you're off to the races.  When Alice comes on board at the company, the
local authority generates a certificate for her, sets up her
Thunderbird+Enigmail installation (or choose-your-preferred-MUA), signs
her certificate, and has her certificate recognize the CA as a trusted
introducer.

All Alice needs to do is choose her passphrase.  She can now communicate
securely with anyone inside the organization.  In order to communicate
securely with someone outside the organization, she calls up the
certificate authority and says, "I need to email some documents to Bob
over at another firm.  Could you please make this happen?"

The CA then calls Bob, does the identity check, fingerprint
verification, etc., and at the end of it signs Bob's certificate and
introduces Bob's certificate to the local keyserver.  The CA calls Alice
back and says, "Grab Bob's certificate from the local keyserver: you're
good to go."

At no point does Alice need to know anything about the Web of Trust.
All she needs to know is --

1.  She needs to keep her passphrase secure
2.  If she wants to send secure email, she needs to
check to see if her recipient's certificate is
on the keyserver
3.  If it's not, she needs to call the local CA

The rest can all be done automatically.

> Most users in this group have no single computer they operate on.
> Occasionally they must be able to create cipher-text on "drive-by"
> computers

This cannot be done safely.

You must have physical control over the hardware for GnuPG to be used
safely.  "Drive-by" machines have uncomfortably high malware infection
rates.  Don't use GnuPG except on machines that you physically control
and are confident are free of malware.




Re: message signature types

2012-07-31 Thread Charly Avital
auto15963931  July 31, 2012 2:47:22 PM wrote:
> If this is the wrong place to ask, please point me in the right
> direction. Where can I learn more about importing, if such a thing is
> even done this way, and making use of message signatures which utilize
> an "smime.p7s" file? I got a message from someone who uses this, and I
> need to learn about verifying and downloading from a keyserver files
> like this. Especially important for me is learning how to check whether
> it had been revoked, etc.  Where is a support group for this sort of
> signature if this is not it? Thanks.

S/MIME = Secure Multipurpose Internet Mail Extensions is a standard for
public key encryption and signing of e-mail encapsulated in MIME.

It achieves goals that are similar to GnuPG's but uses different means.

The use of GnuPG requires the installation of GnuPG software, and some
kind of module that will enable interaction between that software and
the e-mail client one is using. GnuPG per se enables its user to
generate and manage certificates (aka keys).

S/MIME does not require the installation of any such software but needs
to obtain and install a certificate/key that is issued by a Certificate
Authority (CA). The certificate that is issued by the CA of your choice
has to be imported into your e-mail client (if it has S/MIME capability)
or into your browser.

You might try .

I am sure members of this list will provide more accurate information.

Charly
OS X 10.8 (12A269)  MacBook Intel C2Duo 2GHz-GnuPG 1.4.12-MacGPG2-2.0.17-9
Thunderbird 14.0 Enigmail 1.5a1pre (20120727-2257)



Re: gpg "simplified"?

2012-07-31 Thread peter . segment

On 31/07/12 09:35, Werner Koch - w...@gnupg.org wrote:

> Why do you think gpg2 won't work or does any network access
> without user consent?


Correct me if I'm wrong, but it is unreasonable to expect anybody
to successfully and safely use gpg without understanding the
concepts and mastering the skills essential to the WOT:
key signing, sub-keys, revocations etc. This makes the use of gpg
(or even an early, "portable" pgp version (2.6.something IIRC?)
unfeasible). As far as the network access is concerned, the best
(the only?) way to ensure there is no compromising network access
is to have a network-ignorant application program.

In this application I have a group of otherwise technically competent
users that, however, have no need or interest to securely communicate
or exchange data with anyone who is not a group member and has not
been introduced to them by the group manager. (Please take the term
"group manager" in the widest possible sense). He can easily do all
the necessary key management (distribution, verification, revocation...)
functions in the course of his other (quite extensive, actually) group
management tasks and activities.

Most users in this group have no single computer they operate on.
Occasionally they must be able to create cipher-text on "drive-by"
computers, not connected to the public network or where any network
access is raising undesired attention. It is essential that the
software requires no "installation" on the computer it is to be used
on. (i.e., it must be statically linked, with no external dependencies).

>> ... This file is encrypted with operator's public key...
>this probably will not be possible ...

Yes (clumsily worded in the OP). Obviously, operator's private key
can't be "encrypted with itself" - it will have to be encrypted
with a pass-phrase generated key, just as it is in gpg.

Peter M.






Re: message signature types

2012-07-31 Thread Werner Koch
On Tue, 31 Jul 2012 18:57, auto15963...@hushmail.com said:

> even done this way, and making use of message signatures which utilize
> an "smime.p7s" file? I got a message from someone who uses this, and I

Feel free to ask here.  GnuPG has a complete CMS/X.509 (aka S/MIME)
implementation.

> like this. Especially important for me is learning how to check whether
> it had been revoked, etc.  Where is a support group for this sort of

By default GPGSM consults a CRL - in theory this is all you need.  The
little remaining problem is that PKIX (the public key infrastructure
used with S/MIME) does not work at all at a global level - or well, it
is not as secure as Verislime, Diginotar, and others try to tell you.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: pipe passphrase to unlock key

2012-07-31 Thread Werner Koch
On Tue, 31 Jul 2012 17:53, ciprian.crac...@gmail.com said:

> First of all I would really have liked the tool to not just ignore
> the `--no-user-agent` flag and bail out...

That would make migration for users of 2.0 to 2.1 too complicated.  We try
to do the migration as smoothly as possible.

> thus what is the purpose of the agent anymore? (Except handling cards
> which isn't the case in most instances...)

The agent does not handle cards.  It just acts as a proxy for scdaemon.
What the agent does is to perform all operations involving the private
key (e.g. signing and decryption of the session key).  GPGSM has worked this
way for 10 years now; 2.1 completes it and moves the private key
operations for OpenPGP also to the agent.

> * each invocation of `gpg2` will start its own, but not as a
> child, but by making it double fork in the background;

That was the default in 2.0 on Unix.  2.1 will start the agent only once
and keep it around.  The Windows version of 2.0 has done this for a few
years now.

> * but unfortunately the tool won't be able to export that
> environment variables to its parent...

No problem anymore.  We need an envvar only for the ssh support and that
is a fixed value.

> * and also after the invocation the agent would just remain there;

Right.

> not restart another agent, but still we have at least one agent
> running, and for no purpose as there is no password to enter...

The agent is not for the passphrase.  The passphrase handling code is
only a minor function block.


Shalom-Salam,

   Werner


-- 
Thoughts are free.  Exceptions are regulated by a federal law.




message signature types

2012-07-31 Thread auto15963931
If this is the wrong place to ask, please point me in the right
direction. Where can I learn more about importing, if such a thing is
even done this way, and making use of message signatures which utilize
an "smime.p7s" file? I got a message from someone who uses this, and I
need to learn about verifying and downloading from a keyserver files
like this. Especially important for me is learning how to check whether
it had been revoked, etc.  Where is a support group for this sort of
signature if this is not it? Thanks.




Re: pipe passphrase to unlock key

2012-07-31 Thread Ciprian Dorin Craciun
On Tue, Jul 31, 2012 at 6:35 PM, Werner Koch  wrote:
> On Tue, 31 Jul 2012 12:54, ciprian.crac...@gmail.com said:
>
>>> Not a good idea, because GnuPG 2.1 requires the gpg-agent and won't see
>>> any private key stuff.
>>
>> Not necessarily if you use the `--batch`, `--no-use-agent`, or
>> `--no-tty` (or a mix of the I'm not sure right now, but the manual
>
> Nope.  Recall that I implemented the stuff.

(Sorry I didn't know you've implemented it.) :)

Mmm... Didn't read the "fine print" of the manual... (Which isn't
that fine print...)

   --no-use-agent
  This is dummy option. gpg2 always requires the agent.


Then I'm a little bit at unease...

First of all I would really have liked the tool to not just ignore
the `--no-user-agent` flag and bail out...

Then if I use the `--batch` option it doesn't ask for a password,
thus what is the purpose of the agent anymore? (Except handling cards
which isn't the case in most instances...)


>> But on the other side, not always you have the option of running a
>> `gpg-agent` (for example on server side of a background job, etc.),
>
> I run it on servers ;-).

I bet you can run it on servers. And I bet it works nicely.

What I also bet is that it leaves dangling "background" processes
lying, because -- if I'm correct -- the following happens:
* if I implement a service that isn't started with an `gpg-agent`
properly set up, then
* each invocation of `gpg2` will start its own, but not as a
child, but by making it double fork in the background;
* but unfortunately the tool won't be able to export that
environment variables to its parent...
* and also after the invocation the agent would just remain there;

Maybe the tool would check if someone listens on the socket and
not restart another agent, but still we have at least one agent
running, and for no purpose as there is no password to enter...


Or?
Ciprian.


P.S.: Maybe you remember that I've sent a patch in the past that
adds an option to the agent not to double fork (which was rejected)...
I really still strongly believe that double forking is very bad, and
should be done only in exceptional cases... (And the GnuPG or SSH
agents aren't one of those cases...)



Re: gpg "simplified"?

2012-07-31 Thread yyy
On 2012.07.31. 12:35, Werner Koch wrote:
> On Tue, 31 Jul 2012 07:11, y...@yyy.id.lv said:
>
> Why do you think gpg2 won't work or does any network access without user
> consent?
>
gpg2 requires gpg agent..., I was referring to the possibility
of making it a portable application (not requiring
installation, not leaving traces in host computer when run)

There (in this list) have been some threads about
how to get rid of gpg agent in gpg2, so it would
behave more like gpg 1.4, but the answer has been that
it is not possible.

No application considered requires any network access
(gpg1.4, gpg2, openssl)



Re: pipe passphrase to unlock key

2012-07-31 Thread Werner Koch
On Tue, 31 Jul 2012 12:54, ciprian.crac...@gmail.com said:

>> Not a good idea, because GnuPG 2.1 requires the gpg-agent and won't see
>> any private key stuff.
>
> Not necessarily if you use the `--batch`, `--no-use-agent`, or
> `--no-tty` (or a mix of the I'm not sure right now, but the manual

Nope.  Recall that I implemented the stuff.

> But on the other side, not always you have the option of running a
> `gpg-agent` (for example on server side of a background job, etc.),

I run it on servers ;-).


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: Mac OS X 10.8 and OpenPGP Cards

2012-07-31 Thread Kevin Kammer
On Tue, Jul 31, 2012 at 12:00:23PM +0200 Also sprach Olav Seyfarth:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: RIPEMD160
> 
> Hi Kevin, list,
> 
> > I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, which
> > were formerly working perfectly, are now inaccessible.
> 
> please note that 10.8 brings significant changes (namely sandboxing) to Mac OS X
> which does have impact on most software. Luke Le from GPGtools posted on 26.07.:
> 
> > I Mountain Lion Mail.app is running in a sandbox which has a deep impact
> > on GPGMail: it can no longer communicate with gpg using a sub process.
> 
> http://support.gpgtools.org/discussions/everything/1573-os-x-108-mountain-lion-compatibility/
> 

Application sandboxing is now mandatory only for applications installed
through the Mac App Store;  applications installed by the root user (or
equivalent) outside of Apple's "official" channels still have free rein
over the whole system, as they always did.

While the information and link quoted above will almost certainly be
helpful for some people with Apple Mail/GPGTools problems, there is
definitely more going on in my case.  For one thing, the problems I have
observed with GnuPG 2.x are present outside of any mail agent, or other
application calling gpg2 (i.e. gpg2 --card-status does not work from the
command line--no mail involved).  Aside from that, I typically
sign/encrypt messages from Mutt, not Apple Mail, so the sandbox is
unlikely to affect me in the near future anyway.

Since I have discovered that GnuPG 1 is mostly usable with my cards at
this point, I will try to soldier on with that, but it's annoying that
GnuPG 2, which was working fine previously, is suddenly such a mess due
to this update.



Re: pipe passphrase to unlock key

2012-07-31 Thread Ciprian Dorin Craciun
On Tue, Jul 31, 2012 at 12:32 PM, Werner Koch  wrote:
> On Mon, 30 Jul 2012 21:15, ciprian.crac...@gmail.com said:
>> * (preferably) implement a fake `gpg` which does the following:
>> opens a pipe as you have done in your example, writes the password and
>
> Not a good idea, because GnuPG 2.1 requires the gpg-agent and won't see
> any private key stuff.

Not necessarily if you use the `--batch`, `--no-use-agent`, or
`--no-tty` (or a mix of them; I'm not sure right now, but the manual
is.)

>> password=...
>>
>> env \
>> GPG_PASSPHRASE_FD=<( printf -- "${password}" ) \
>> PATH="a-folder-where-your-gpg-wrapper-is:${PATH}" \
>> git ...
>
> This is a bad advise.  If you store the passphrase in a file, you are
> usually better off not to use a passphrase at all.

I completely agree with you on this. But the above didn't imply
saving the password in the script... `password=...` was just a
suggestion that you need to somehow obtain the password, and then use
it with the Bash `<( ... )` feature. (Although I've suggested it might
be leaked to the file system.)

But on the other side, not always you have the option of running a
`gpg-agent` (for example on server side of a background job, etc.),
thus I guess this method has its uses.

Although I once more agree with you that if you need to automate
password handling maybe it's better not to use it. The only exception
I could think of is if you hold the password entirely into memory of a
daemon process that delegates signatures, but you feed it manually at
boot-up, this way at least if someone steals your device it will have
a harder time getting your actual key. (I completely ignore the "warm"
boot attacks, root-kits or the like... As in these cases you're done
for regardless...)

To complete my response, this is what I've replied privately to
the original poster, about the solution not involving Bash.

Ciprian.



[How to give the password to `gpg` while not controlling its invocation.]

The solution is quite simple and I think it is also portable. But
it still uses the customized `gpg` wrapper, it only solves the
potential password leaking to the file system.

I'll just highlight the solution, the details being quite simple:
* use the `pipe2` syscall (and use the `O_NONBLOCK` flag just to be sure);
* write the password to the pipe, then close the write end; (the
read end is still open;)
* (maybe be sure that the descriptor value is above or equal to 3;)
* export an environment variable holding the file descriptor value;
* `exec` your `git` process which will inherit the open end of the pipe;
* (in turn your `gpg` wrapper will inherit the descriptor and the
environment variable;)

What it gains you:
* first of all the password is now stored only inside the pipe and
can't be recovered from the arguments or environment of the processes
(via `/proc/$pid/cmdline` or `.../environ`);
* the password can be read exactly once by at most one process
(see below for the caveat);
* you have no other extra process running (as would happen in the
`<( ... )` Bash solution);
* if `gpg` would have accepted a `GPG_PASSPHRASE_FD` environment
variable you wouldn't have needed a wrapper script for `gpg`; (this
works for some other programs;)

What it doesn't grant:
* complete password secrecy, as anyone with proper rights (usually
any of your processes) could still quickly open `/proc/$pid/fd/$num`
and read the password;

If you need the password multiple times, this can still be
done but you'll have to complicate the wrapper too, by:
* exporting both the read and write ends;
* the wrapper executes exactly one `read` operation, it writes it
again to the write end; (it doesn't close either ends;)
* it then creates another pipe and applies the trick as initially
described which is passed to `gpg`;
* (this works because POSIX mandates that a write less than a page
(4kb on Linux) must match exactly a read operation, thus maintaining
data boundary;)

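The pipe hand-off outlined in the post above, sketched in C as an added example (not code from the thread or from GnuPG). It uses `pipe()` plus `fcntl()` in place of `pipe2` for portability; `GPG_PASSPHRASE_FD` is the thread's name for a variable that a custom wrapper would read (gpg itself does not), and the function names and the sample passphrase are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Variable name taken from the thread; it is read by the wrapper, not by gpg. */
#define FD_ENV "GPG_PASSPHRASE_FD"

/* Parent side: park `secret` inside a pipe, close the write end and return
   the read end (always >= 3), or -1 on error. */
int secret_to_pipe(const char *secret, size_t len)
{
    int fds[2] = { -1, -1 };
    int i, fl, hi;
    ssize_t n;

    /* Stay within PIPE_BUF so the single write is atomic and cannot block. */
    if (secret == NULL || len == 0 || len > PIPE_BUF) { errno = EINVAL; return -1; }
    if (pipe(fds) != 0) return -1;
    /* Stands in for pipe2(fds, O_NONBLOCK). FD_CLOEXEC is deliberately not
       set, so the read end is inherited across exec. */
    for (i = 0; i < 2; i++) {
        fl = fcntl(fds[i], F_GETFL);
        if (fl == -1 || fcntl(fds[i], F_SETFL, fl | O_NONBLOCK) == -1) goto fail;
    }
    n = write(fds[1], secret, len);
    close(fds[1]);              /* after this only the read end holds the data */
    fds[1] = -1;
    if (n != (ssize_t)len) goto fail;
    if (fds[0] < 3) {           /* keep clear of stdin/stdout/stderr */
        hi = fcntl(fds[0], F_DUPFD, 3);
        close(fds[0]);
        fds[0] = hi;            /* -1 if the duplication failed */
    }
    return fds[0];
fail:
    if (fds[0] >= 0) close(fds[0]);
    if (fds[1] >= 0) close(fds[1]);
    return -1;
}

/* Parent side: publish the descriptor number (not the secret) in the environment. */
int export_fd(const char *name, int fd)
{
    char val[16];
    snprintf(val, sizeof val, "%d", fd);
    return setenv(name, val, 1);
}

/* Wrapper side: fetch the secret with exactly one read(), then close the
   descriptor and drop the variable so nothing further down inherits it.
   Returns the number of bytes read, or -1. */
ssize_t read_secret_from_env(const char *name, char *buf, size_t cap)
{
    const char *val = getenv(name);
    char *end;
    long fd;
    ssize_t n;

    if (val == NULL || *val == '\0') return -1;
    errno = 0;
    fd = strtol(val, &end, 10);
    if (errno != 0 || *end != '\0' || fd < 3 || fd > INT_MAX) return -1;
    n = read((int)fd, buf, cap);   /* the pipe is drained after this call */
    close((int)fd);
    unsetenv(name);
    return n > 0 ? n : -1;
}

int main(int argc, char **argv)
{
    /* Constructed sample value; a real caller would obtain it interactively. */
    const char *secret = "constructed-passphrase";
    char buf[PIPE_BUF];
    ssize_t n;
    int fd = secret_to_pipe(secret, strlen(secret));

    if (fd < 0 || export_fd(FD_ENV, fd) != 0) { perror("setup"); return 1; }
    if (argc > 1) {                /* e.g. ./a.out git ... */
        execvp(argv[1], &argv[1]); /* the child inherits fd and FD_ENV */
        perror("execvp");
        return 1;
    }
    /* No command given: play the wrapper's part in this process. */
    n = read_secret_from_env(FD_ENV, buf, sizeof buf);
    printf("wrapper read %zd bytes\n", n);
    return n > 0 ? 0 : 1;
}
```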


Re: Oracle behavior in Gnupg? //

2012-07-31 Thread Werner Koch
On Tue, 31 Jul 2012 11:56, b...@adversary.org said:

> On a related note, is it possible to extract the session key
> (--show-session-key), but without decrypting the file in the process?
> Just obtain the session key and stop there?  I've already tried -n

There is no such option.  I once did something similar, maybe you can
make use of attached patch.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.

Patch for the gpg running on the freenigma servers.  This enables a
new mode to split public-key and symmetric encryption between two
processes.  When decrypting, gpg stops right after printing
information pertaining to the used session key.  When encrypting gpg
stops after it has encrypted the session key to all given recipients.
Information pertaining to this session key as well as the encrypted
session keys are printed.


2006-07-20  Werner Koch  

	* gpg.c, options.h: New option --remote-session-key
	* encode.c (encode_crypt): Handle remote_session_key mode.
	* mainproc.c (proc_pubkey_enc): Ditto.
	* cipher.c (write_remote_session_header): New.


diff -up orig/gnupg-1.4.4/g10/cipher.c gnupg-1.4.4/g10/cipher.c
--- orig/gnupg-1.4.4/g10/cipher.c	2005-07-27 19:02:55.0 +0200
+++ gnupg-1.4.4/g10/cipher.c	2006-07-20 11:10:10.0 +0200
@@ -39,6 +39,44 @@

 #define MIN_PARTIAL_SIZE 512

+void
+write_remote_session_header (DEK *dek, unsigned long filesize)
+{
+  byte temp[16+14];
+  unsigned int blocksize;
+  unsigned int nprefix;
+  u32 alen;
+  int i;
+
+  blocksize = cipher_get_blocksize (dek->algo);
+  if ( blocksize < 8 || blocksize > 16)
+log_fatal ("unsupported blocksize %u\n", blocksize );
+
+  {
+char buf[20];
+
+sprintf (buf, "%d %d", 0, dek->algo);
+write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
+  }
+
+  nprefix = blocksize;
+  randomize_buffer (temp, nprefix, 1);
+  temp[nprefix] = temp[nprefix-2];
+  temp[nprefix+1] = temp[nprefix-1];
+  temp[nprefix+2] = 0xcb;  /* Tag for a literal data packet. */
+  temp[nprefix+3] = 0xff;  /* Indicate 4 byte length header. */
+  alen = filesize + 6;
+  temp[nprefix+4] = (alen >> 24); /* Length of plaintext. */
+  temp[nprefix+5] = (alen >> 16);
+  temp[nprefix+6] = (alen >> 8);
+  temp[nprefix+7] = (alen);
+  temp[nprefix+8] = 0x62;  /* Mode = binary. */
+  temp[nprefix+9] = 0; /* Length of filename is zero. */
+  memset (temp+nprefix+10, 0, 4); /* No time given. */
+  for (i=0; i < nprefix+14; i++ )
+printf ("%02X", temp[i] );
+}
+

 static void
 write_header( cipher_filter_context_t *cfx, IOBUF a )
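Review bot: In write_remote_session_header, `alen = filesize + 6` stores an unsigned long sum in a u32, so a filesize above 0xFFFFFFFF - 6 wraps or is truncated without any diagnostic and the 4-byte length written to temp[nprefix+4..7] no longer matches the data. Reject out-of-range sizes before building the header, for example with log_fatal as is already done for the blocksize. The function also has no comment stating that it prints the random prefix and literal-packet header as hex on stdout, and the loop compares the signed `i` against the unsigned `nprefix+14`; making `i` unsigned avoids the mixed comparison.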
diff -up orig/gnupg-1.4.4/g10/encode.c gnupg-1.4.4/g10/encode.c
--- orig/gnupg-1.4.4/g10/encode.c	2006-04-20 09:26:52.0 +0200
+++ gnupg-1.4.4/g10/encode.c	2006-07-20 22:07:24.0 +0200
@@ -441,6 +441,9 @@ encode_crypt( const char *filename, STRL
 memset( &tfx, 0, sizeof tfx);
 init_packet(&pkt);

+if (opt.remote_session_key)
+  do_compress = 0;
+
 if(use_symkey
&& (rc=setup_symkey(&symkey_s2k,&symkey_dek)))
   return rc;
@@ -484,8 +487,17 @@ encode_crypt( const char *filename, STRL
 if( opt.textmode )
 	iobuf_push_filter( inp, text_filter, &tfx );

-if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) )
-	goto leave;
+if (opt.remote_session_key)
+  {
+out = iobuf_temp ();
+rc = out? 0 : G10ERR_RESOURCE_LIMIT;
+  }
+else
+  {
+rc = open_outfile( filename, opt.armor? 1:0, &out );
+  }
+if (rc)
+  goto leave;

 if( opt.armor )
 	iobuf_push_filter( out, armor_filter, &afx );
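Review bot: In the remote_session_key branch `out` becomes a temporary iobuf, but the unchanged `if( opt.armor )` test right after it still pushes armor_filter onto that buffer. If the remote mode is meant to collect raw packets, skip the armor filter when opt.remote_session_key is set; if armoring the temporary buffer is intended, say so in a comment, since `filename` is no longer used to open anything in this mode.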
@@ -574,7 +586,18 @@ encode_crypt( const char *filename, STRL
 	}
 }

-if (!iobuf_is_pipe_filename (filename) && *filename && !opt.textmode )
+if (opt.remote_session_key)
+  {
+/* We read the size of the file from the input file.  */
+char temp[20];
+int c, i;
+
+for (i=0; (c=iobuf_get(inp)) != -1 && c != '\n' && i < DIM(temp)-1;)
+  temp[i++] = c;
+temp[i] = 0;
+filesize = strtoul (temp, NULL, 0);
+  }
+else if (!iobuf_is_pipe_filename (filename) && *filename && !opt.textmode )
   {
 off_t tmpsize;
 int overflow;
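Review bot: The size line read in the opt.remote_session_key branch is parsed with `strtoul (temp, NULL, 0)` and never validated. An empty or non-numeric line yields 0, base 0 also accepts octal and hex prefixes, overflow goes unnoticed because neither errno nor an end pointer is checked, and a line longer than DIM(temp)-1 characters stops the loop mid-line and leaves the remainder in `inp` to be treated as data. Pass an end pointer, use base 10, check for ERANGE and that the loop ended on '\n', and fail with an error otherwise.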
@@ -594,7 +617,7 @@ encode_crypt( const char *filename, STRL
 else
   filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */

-if (!opt.no_literal) {
+if (!opt.no_literal && !opt.remote_session_key) {
 	pt->timestamp = make_timestamp();
 	pt->mode = opt.textmode ? 't' : 'b';
 	pt->len = filesize;
@@ -608,7 +631,8 @@ encode_crypt( const char *filename, STRL
 	cfx.datalen = filesize && !do_compress ? filesize : 0;

 /* register the cipher filter */
-iobuf_push_filter( out, cipher_filter, &cfx );
+if (!opt.remote_session_key)
+  iobuf_push_filter( out, cipher_filter, &cfx );

 /* register the compress filter */
 if( do_compress ) {
@@ -639,8 +663,53 @@ encode_crypt( const char *filename, STRL
 }

 /* do the work */
-if (!opt.no_literal) {

Re: Mac OS X 10.8 and OpenPGP Cards

2012-07-31 Thread Olav Seyfarth

Hi Kevin, list,

> I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, which
> were formerly working perfectly, are now inaccessible.

please note that 10.8 brings significant changes (namely sandboxing) to Mac OS X
which does have impact on most software. Luke Le from GPGtools posted on 26.07.:

> I Mountain Lion Mail.app is running in a sandbox which has a deep impact
> on GPGMail: it can no longer communicate with gpg using a sub process.

http://support.gpgtools.org/discussions/everything/1573-os-x-108-mountain-lion-compatibility/

Olav
-- 
The Enigmail Project - OpenPGP Email Security For Mozilla Applications


Re: gpg "simplified"?

2012-07-31 Thread Werner Koch
On Tue, 31 Jul 2012 07:11, y...@yyy.id.lv said:

>> 3) The program can be run from removable media, i.e., it
>> requires no installation and assumes no network access for
>> either key exchange or in operation. There are binaries
>> for all three major platforms (Win32, Linux and Mac OSX).
> I have heard, that gpg 1.4 supports such operation, but
> have not tested it myself. gpg2 certainly will not work.

Why do you think gpg2 won't work or does any network access without user
consent?


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: Oracle behavior in Gnupg? // (was 'possible bug in gpg?')

2012-07-31 Thread Ben McGinnes

On 31/07/12 1:14 AM, David Shaw wrote:
> 
> Yes, this is expected behavior.  It follows from what I explained 
> earlier in this thread.  When you use --override-session-key, you 
> bypass the quick check (after all, you gave the override key -
> what is there to check?) so you are seeing GnuPG choke on the
> invalid OpenPGP structures resulting from the garbage decryption.

On a related note, is it possible to extract the session key
(--show-session-key), but without decrypting the file in the process?
Just obtain the session key and stop there?  I've already tried -n
(--dry-run) and that still decrypts the file.


Regards,
Ben



Re: pipe passphrase to unlock key

2012-07-31 Thread Werner Koch
On Mon, 30 Jul 2012 21:15, ciprian.crac...@gmail.com said:

> * implement your own "fake" `gpg-agent` which I have no ideea what
> actually implies;

Don't do this.

> * implement your own "fake" `pinentry` which would be much simpler
> as it only has to implement the assuan protocol; but you'll have to
> start a separate instance of `gpg-agent` just for this situation,

I would not call this a “fake” Pinentry.  Actually GnuPG has support to
switch the pinentry on demand:

  @item PINENTRY_USER_DATA
  This value is passed via gpg-agent to pinentry.  It is useful to convey
  extra information to a custom pinentry.

Your application may set this environment variable to tell a pinentry
wrapper to divert to a custom one.

> * (preferably) implement a fake `gpg` which does the following:
> opens a pipe as you have done in your example, writes the password and

Not a good idea, because GnuPG 2.1 requires the gpg-agent and won't see
any private key stuff.

> password=...
>
> env \
> GPG_PASSPHRASE_FD=<( printf -- "${password}" ) \
> PATH="a-folder-where-your-gpg-wrapper-is:${PATH}" \
> git ...

This is bad advice.  If you store the passphrase in a file, you are
usually better off not to use a passphrase at all.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: Oracle behavior in Gnupg? //

2012-07-31 Thread Werner Koch
On Mon, 30 Jul 2012 16:59, harni...@gmail.com said:

> it? If so, then I'd suggest that a "quiet" execution be performed that
> way only the exit code can be used that it's failure.

You should not rely on the exit code but parse all the information
returned by GPG.  GPGME makes this easy.

Given that GPG is just a tool and not a complete automated cryptographic
system, the developer needs to care about certain attacks by himself.
There are several points to watch out for, not only oracle attacks, but
for example also replay attacks.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.

