Re: pgp export private key with password
David == David Shaw ds...@jabberwocky.com writes: However it seems that the application expects for some reason another a password during the import process. Interesting. I wonder why it does that - perhaps it stores the key unencrypted internally? What happens if you provide your regular key passphrase to the app on import? It does not work. It seems that the only possibility is to edit my key, delete the password and import. However I don't know yet how the private key is protected within the application.. I am still discussing with the author. Uwe smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RFC3156: application/pgp-keys support enigmail, gnus etc
Daniel == Daniel Kahn Gillmor d...@fifthhorseman.net writes: Hi Uwe-- I just implemented such a feature for gnus in Xemacs, but it seems that enigmail does not recognise the key! Does anybody know whether other MUA support this format? This seems like a question you'd want to ask the MUAs themselsves. when you say enigmail does not recognize the key, how did you test it? in icedove+enigmail 1.6, if i right-click on an attachment that is of type application/pgp-keys, i get a menu option Import OpenPGP Key, which seems like it does what you would want to do with an e-mailed key. Ok I tested it now with seamonkey 2.21 (or TB 17) +enigmail 1.6 and it works as you described. I think at home I am running TB11+enigmail 1.4, so I will upgrade. Thanks. Uwe smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Configuring gpg-agent to run in Windows
I would like to decrypt files in batch mode using GPG2 on a Windows 7 machine. I have GPG4Win, version 2.2.1 installed. I have so far been unable to make it work. I suspect I haven't configured the gpg-agent properly as I get the following error when I try to cache the passphrase: C:\GnuPGgpg-agent --daemon --allow-preset-passphrase --write-env-file --batch --debug-level 9 -vv gpg-agent[21568]: enabled debug flags: command mpi crypto memory cache memstat a ssuan gpg-agent[21568]: listening on socket `C:\Users\Megan\AppData\Roaming\gnupg\S.gp g-agent' set GPG_AGENT_INFO=C:\Users\Megan\AppData\Roaming\gnupg\S.gpg-agent;21568;1 gpg-agent[21568]: gpg-agent (GnuPG) 2.0.22 started gpg-agent[21568]: DBG: returning notify handle 0100 gpg-agent[21568]: handler 0x544c for fd 268 started gpg-agent[21568]: chan_010C - OK Pleased to meet you gpg-agent[21568]: chan_010C - PRESET_PASSPHRASE 2C7C06CF44E5B9B58023F24A44D CB856B29B6933 -1 6661697468 gpg-agent[21568]: DBG: agent_put_cache `2C7C06CF44E5B9B58023F24A44DCB856B29B6933 ' requested ttl=-1 mode=1 gpg-agent[21568]: chan_010C - OK gpg-agent[21568]: chan_010C - [error: Input/output error] gpg-agent[21568]: Assuan processing failed: Input/output error gpg-agent[21568]: handler 0x544c for fd 268 terminated Any ideas would be appreciated!___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
old pgp2.6x keys imported in gpg (compile pgp 2.6)
Hello I have a problem to import my secret key into a iOS app called iPGmail. The problem is that of course the key is password protected and the app seem to have difficulties with the password. So I just deleted the password and then can import the secret key, but I don't like this possibility and so I deleted my key. The cipher for the key protection is CAST5 However the key was originally generated with pgp 2.6.2 more than 10 years ago (yes I know it is only 1024 bit long and should not be used anymore), but could it be that such a key has some incompatibilities with RFC 4880?? I just tried to compile old 2.62 on kubuntu 10.04 but failed, does anybody has a suggestion? thanks Uwe Brauer smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: old pgp2.6x keys imported in gpg (compile pgp 2.6)
On Jan 28, 2014, at 9:37 AM, Uwe Brauer o...@mat.ucm.es wrote: Hello I have a problem to import my secret key into a iOS app called iPGmail. The problem is that of course the key is password protected and the app seem to have difficulties with the password. So I just deleted the password and then can import the secret key, but I don't like this possibility and so I deleted my key. The cipher for the key protection is CAST5 However the key was originally generated with pgp 2.6.2 more than 10 years ago (yes I know it is only 1024 bit long and should not be used anymore), but could it be that such a key has some incompatibilities with RFC 4880?? Yes and no. PGP 2.6.2 keys (version 3 keys) are compatible with RFC-4880, but that does not necessarily mean that every implementation supports them. Version 3 key support is optional in the standard, so it is possible that the iPGmail app only supports OpenPGP (version 4) keys. (Frankly, if I was writing a OpenPGP program today, I'd probably leave out version 3 support as well). David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: old pgp2.6x keys imported in gpg (compile pgp 2.6)
On Tuesday, January 28, 2014 at 9:43 AM, Uwe Brauer o...@mat.ucm.es wrote: The cipher for the key protection is CAST5 However the key was originally generated with pgp 2.6.2 more than 10 years ago (yes I know it is only 1024 bit long and should not be used anymore), but could it be that such a key has some incompatibilities with RFC 4880?? = NO key generated in PGP 2.x has anything other than IDEA as the cipher for key protection. (It is *possible* to construct such a key using Disastry's version of 2.6.3 multi x, but it would not be the default). It may be more likely that the key was imported into some version of GnuPG, after removing its password in PGP 2.x, and then GnuPG supplied its default cipher of CAST 5 when the passphrase was re-entered. I just tried to compile old 2.62 on kubuntu 10.04 but failed, does anybody has a suggestion? I couldn't compile Disastry's version either on Ubuntu, but was able to import the unix PGP he compiled on his website, into Ubuntu without problems. Here is the re-creation of his website: http://www.spywarewarrior.com/uiuc/disastry/263multi.htm His version allows all the ciphers GnuPG uses except for Camelia. vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
default (secret) key for gpg
Hello Finally I decided to generate a new 4096 keypair. Now gpg --list-keys tells me I have sec 1024R/93B61FDD 1998-09-17 uid Uwe Brauer o...@mat.ucm.es uid Uwe Brauer o...@btmpx1.mat.uni-bayreuth.de uid Uwe Brauer oub.oub@gmail.com uid Uwe Brauer oub.oub@gmail.com sec 4096R/65AD077A 2014-01-28 uid Uwe Brauer (Second Key) o...@mat.ucm.es ssb 4096R/F7D25222 2014-01-28 So I want to use the new key as default (For Xemacs and maybe this is an addional problem) So I added to the files in .gnupg - gpg.conf: default-key 65AD077A - options: default-key 65AD077A (I even rebooted to restart the gpg-agent). But xemacs, gnus, epg always picks up the old key. I will write to that list as well, but would like to know if there is anything wrong in my setting. thanks Uwe Brauer smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: old pgp2.6x keys imported in gpg (compile pgp 2.6)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 01/28/2014 03:37 PM, Uwe Brauer wrote: Hello I have a problem to import my secret key into a iOS app called iPGmail. The problem is that of course the key is password protected and the app seem to have difficulties with the password. ... However the key was originally generated with pgp 2.6.2 more than 10 years ago (yes I know it is only 1024 bit long and should not be used anymore), but could it be that such a key has some incompatibilities with RFC 4880?? I seem to recall a similar issue when first trying to use an old PGP 2.6 key to decrypt some files due to two leading checksum bytes. Looking through my archive [0,1] seems to confirm this, so might be of some help for you as well. [0] http://www.kfwebs.com/gnupg-2.0.4-idea.patch [1] http://www.kfwebs.net/articles/article/42/GnuPG-2.0---IDEA-support - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - Acta est fabula So ends the story -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJS59oOAAoJEPw7F94F4Tag0mQP/i7Ne25SdF/FchdtUbSgfoVU 9rBrtXOrx26/XxsdZR/j2d+LbyS32Yo+i2zq/oJYjhxWL4IH37fvKwxlLsi2qHP/ spcRlwhonNGoz24zvK4dpmyVJBtbfdo2sjJFUgmupG2LkinIRyPyIbfLxHHu8hui wpoe+GriaVAZkKFnyXtCIKXIAMnFcxhxjWK7kUZWlgVvs7RTF0dex7SbU7H85oE7 XdN5npkv8UQkuCiP4rX1PeJ6cLZGyOqNZ2I8m66cFrks7JtxntUOq5ndwjrIjRBW xSM3LOeCCO95JTWxNauXgZjFZzXbWTDbcg6qVKnKO4yWLAigFNvjj5EFP+170RUu ua/BNZ0DRae2yJ1iNICzUSVW0VCr3dhyrEwfoz2fM5veYO56f21HuoDHglPdoZGP ZP3OgZHgxPk9P7juzhxlRzrMrzlY7V26nr2HAGrVJcV9c3SQH7a0CgwmyH9N/rPs Hn+pQkVvtxfusdHT8UbtqZNM/CTiC/oaRFeEGPv+O0ovFVEg7fY1zSbHzn/CoFOV ian90taS/QDzD2o+PW2TvnPBJOW8rgLCvzAEhEiJ8Ll0F/hLjh52d1JdHlJO3DCj Afldwi6dRkW19VgAzfAWLnK6j8L6ZmstbycBJ07zU+IYZFKcxrZAZSrAmpMFERcC +zecACkEmhvjV+TR/EGK =ukRb -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: old pgp2.6x keys imported in gpg (compile pgp 2.6)
Kristian == Kristian Fiskerstrand kristian.fiskerstr...@sumptuouscapital.com writes: http://www.kfwebs.net/articles/article/42/GnuPG-2.0---IDEA-support #secure method=smime mode=sign cool, thanks! smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Fri, Jan 24, 2014 at 11:08:16PM +, Steve Jones wrote: [...] Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to that blog. [...] Wouldn't it be better to publish unencrypted (and unsigned) a challenge received encrypted? As signing unknown data should be avoided, as noone knows whether this data won't ever have a real meaning one does not intend to mean. Hope this message is not syntactically flawed to the point of being meaningless, Leo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: default (secret) key for gpg
On Tue, 28 Jan 2014 17:15, o...@mat.ucm.es said: - gpg.conf: default-key 65AD077A - options: default-key 65AD077A Do not use options - it has been replaced by gpg.conf so long ago that I barely remember that file. (I even rebooted to restart the gpg-agent). But xemacs, gnus, epg always picks up the old key. I will write to that Maybe (setq mml2015-signer 0x65AD077A) Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: trying to find a folder
fa-ml wrote: On Fri, Jan 24, 2014 at 04:37:11PM -0800, Justin Quakenbush wrote: wheres my gnupg folder? Have you tried checking 'man gpg' (search for 'FILES')? It should be ~/.gnupg/ , echo $GNUPGHOME to make sure. GNUPGHOME isn't set by default. It is for overriding the default location. 'gpg --version' or 'gpgconf --list-dirs' will give one the location being used. -- John P. Clizbe Inet: John (a) Gingerbear DAWT net SKS/Enigmail/PGP-EKP or: John ( @ ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Q:Just how do the residents of Haiku, Hawai'i hold conversations? A:An odd melody / island voices on the winds / surplus of vowels signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Tue, 28 Jan 2014 20:13:30 +0100 Leo Gaspard ekl...@gmail.com wrote: On Fri, Jan 24, 2014 at 11:08:16PM +, Steve Jones wrote: [...] Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to that blog. [...] Wouldn't it be better to publish unencrypted (and unsigned) a challenge received encrypted? As signing unknown data should be avoided, as noone knows whether this data won't ever have a real meaning one does not intend to mean. The challenge would not need to be the sole content of the message that is signed, so long as it is contained in the signed content. A simple human readable message to the effect that the signature is for response to a challenge should suffice. A more sophisticated approach would be for OpenPGP to include a new signature type for this purpose. -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users