Re: GnuPG and g10 code
Not meant as a critique of the content, just pointing out that it does not explain 'why' and 'what' the card and software (as a system) do for the reader new to the idea. It may be accurate technically. Dave On 17 December 2014 at 00:35, Peter Lebbing pe...@digitalbrains.com wrote: On 16/12/14 13:26, Dave Pawson wrote: What about: https://en.wikipedia.org/wiki/OpenPGP_card (IMHO) pure geekery copied from one of the other pages? Hmmm, that article seems lacking. If you would have asked nicely, I might have bothered to improve it. Now, I don't feel inclined to do it. I'll get around to it one day. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG 2.1.1 : Generation Unattended EC signing key with Ed25519 curve
C:\Program Files (x86)\GNU\GnuPG\bingpg.exe --batch --gen-key Key-Type: ecdsa Key-Curve: Ed25519 Key-Usage: sign auth Name-Real: Yan Fiz Expire-Date: 1y Preferences: twofish sha512 zlib ^Z gpg: checking created signature failed: Bad signature gpg: signing failed: Bad signature gpg: make_keysig_packet failed: Bad signature gpg: key generation failed: Bad signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG 2.1.1 : Generation Unattended EC signing key with Ed25519 curve
On Wed, 17 Dec 2014 01:06, yan...@gmail.com said: Key-Type: ecdsa Use eddsa with Ed25519: $ gpg -v --gen-key --batch Key-Type: eddsa Key-Curve: Ed25519 Key-Usage: sign auth Name-Real: Yan Fiz Expire-Date: 1y Preferences: twofish sha512 zlib gpg: writing self signature gpg: EDDSA/SHA256 signature from: A3280639 [?] gpg: writing public key to '.../pubring.gpg' gpg: using PGP trust model gpg: key A3280639 marked as ultimately trusted gpg: writing to '.../revocs.d/1B4456373B09AABBF1F309B638F5AEECA3280639.rev' gpg: EDDSA/SHA256 signature from: A3280639 Yan Fiz Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Unable to encrypt file with private/public key
Hi, I am using gpg (GnuPG) 1.4.7 trying to encrypt a file with private key whose public key I have shared to the partner who have to decrypt this file. I tried with --armour -symmetric switches which requires a passphrase to encrypt but I have requirement to encrypt it through private/public key. If I am using -encrypt --hidden-recipient option showing below error. I am able to see the public key while running -list-keys option. I am running it on AIX 6.1 under root user. gpg: --try-all-secrets: skipped: public key not found gpg: /tmp/test/INSONY01122014001.CSV: encryption failed: public key not found Kindly suggest what could be the problem how to resolve it. Regards, Dhiraj This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway.. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On 16.12.14 17:36, Werner Koch wrote: Hello! The GnuPG Project is pleased to announce the availability of the second release of GnuPG modern: Version 2.1.1. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard as defined by RFC-4880 and better known as PGP. GnuPG, also known as GPG, allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. Three different versions of GnuPG are actively maintained: - GnuPG modern (2.1) is the latest development with a lot of new features. This announcement is about the first release of this version. - GnuPG stable (2.0) is the current stable version for general use. This is what most users are currently using. - GnuPG classic (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install modern (2.1) and stable (2.0) at the same time. However, it is possible to install classic (1.4) along with any of the other versions. I created an installer for GnuPG 2.1.1 on Mac OS X, available from here: http://sourceforge.net/projects/gpgosx/files/GnuPG-2.1.1.dmg/download -Patrick ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unable to encrypt file with private/public key
On 17/12/14 14:43, Haritwal, Dhiraj wrote: Hi, I am using gpg (GnuPG) 1.4.7 trying to encrypt a file with private key whose public key I have shared to the partner who have to decrypt this file. I tried with --armour –symmetric switches which requires a passphrase to encrypt but I have requirement to encrypt it through private/public key. If I am using –encrypt --hidden-recipient option showing below error. I am able to see the public key while running –list-keys option. I am running it on AIX 6.1 under root user. If you just wish to encrypt, not sign, to the user, use:- gpg2 --recipient AABBCCDD --encrypt supersecret.txt Or the shorter version:- gpg2 -r AABBCCDD -e supersecret.txt It will dump supersecret.txt.gpg, that's your encrypted file. This isn't signed (I.E. the receiver won't be able to verify _you_ sent it, and can be replaced (Although not read) in transit). If you wish to sign it, you'll also need a GPG key in your keyring, then run:- gpg2 --local-user FFEEDDCC --recipient AABBCCDD --encrypt --sign supersecret.txt Or the shorter version:- gpg2 -u FFEEDDCC -r AABBCCDD -se supersecret.txt Where FFEEDDCC is your key identifier and AABBCCDD is the recipient's key identifier. When they decrypt the file, they will see something along the lines of:- gpg: Good signature from John Doe (john...@example.com) [ultimate] gpg: binary signature, digest algorithm SHA512 gpg: decryption okay the command you're using, --symmetric, is for using a passphrase for encryption/decrypt (I.E. symmetric encryption, not asymmetric). --hidden-recipient should work too, and is used if you don't wish to include information about the recipient in the gpg file, you probably don't want to use this option (As oppose to --recipient) unless you really do wish to use the features it provides. As for the failed public key, may I ask the exact command you're running? I get the same error message when I specify a recipient that doesn't exist:- $ gpg2 -e -r ${RANDOM} b gpg: 31546: skipped: No public key gpg: b: encryption failed: No public key ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
Hi Werner, Thanks for the new release, It solves a lot of the OS X compile problems we were seeing, which is great. I'm still hitting a new one though. If you attempt to compile using an external gpg-agent, rather than one with the package, you hit this: clang -I/usr/local/Cellar/libgcrypt/1.6.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.1.3/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -lresolv -o gpgsplit gpgsplit.o ../common/libcommon.a -L/usr/local/Cellar/libgcrypt/1.6.2/lib -lgcrypt -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error -lz -lbz2 -lintl -Wl,-framework -Wl,CoreFoundation -liconv Making all in po Making all in doc /Applications/Xcode.app/Contents/Developer/usr/bin/make all-am clang -o yat2m ./yat2m.c for file in gnupg7.texi gpg.texi gpgsm.texi gpg-agent.texi dirmngr.texi scdaemon.texi tools.texi ; do \ ./yat2m -I . -D gpgtwoone --release GnuPG 2.1.1 --source GNU Privacy Guard 2.1 --store \ `test -f '$file' || echo './'`$file ; done yat2m: writing 'gnupg.7' yat2m: writing 'gpg2.1' yat2m: writing 'gpgsm.1' yat2m: writing 'gpg-agent.1' yat2m: writing 'dirmngr.8' yat2m: writing 'scdaemon.1' yat2m: writing 'watchgnupg.1' yat2m: writing 'gpgv2.1' yat2m: writing 'addgnupghome.8' yat2m: writing 'gpgconf.1' yat2m: writing 'applygnupgdefaults.8' yat2m: writing 'gpgsm-gencert.sh.1' yat2m: writing 'gpg-preset-passphrase.1' yat2m: writing 'gpg-connect-agent.1' yat2m: writing 'dirmngr-client.1' yat2m: writing 'gpgparsemail.1' yat2m: writing 'symcryptrun.1' yat2m: writing 'gpg-zip.1' Making all in tests Making all in openpgp make[3]: *** No rule to make target `../../agent/gpg-agent', needed by `all-local'. Stop. make[2]: *** [all-recursive] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 Any ideas? Cheers, Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. On 16/12/2014 16:36, Werner Koch wrote: Hello! The GnuPG Project is pleased to announce the availability of the second release of GnuPG modern: Version 2.1.1. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard as defined by RFC-4880 and better known as PGP. GnuPG, also known as GPG, allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. Three different versions of GnuPG are actively maintained: - GnuPG modern (2.1) is the latest development with a lot of new features. This announcement is about the first release of this version. - GnuPG stable (2.0) is the current stable version for general use. This is what most users are currently using. - GnuPG classic (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install modern (2.1) and stable (2.0) at the same time. However, it is possible to install classic (1.4) along with any of the other versions. What's New in GnuPG-2.1 === * gpg: Detect faulty use of --verify on detached signatures. * gpg: New import option keep-ownertrust. * gpg: New sub-command factory-reset for --card-edit. * gpg: A stub key for smartcards is now created by --card-status. * gpg: Fixed regression in --refresh-keys. * gpg: Fixed regresion in %g and %p codes for --sig-notation. * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. * gpg: Improved perceived speed of secret key listisngs. * gpg: Print number of skipped PGP-2 keys on import. * gpg: Removed the option aliases --throw-keyid and --notation-data; use --throw-keyids and --set-notation instead. * gpg: New import option keep-ownertrust. * gpg: Skip too large keys during import. * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or dirmngr. * gpg-agent: New option --extra-socket to provide a restricted command set for use with remote clients. * gpgconf --kill does not anymore start a service only to kill it. * gpg-pconnect-agent: Add convenience option --uiserver. * Fixed keyserver access for Windows. * Fixed build problems
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Tuesday 16 December 2014 at 4:36:19 PM, in mid:874msveem4@vigenere.g10code.de, Werner Koch wrote: * gpg: Fixed regresion in %g and %p codes for --sig-notation. Could there be a similar issue with the %i for --photo-viewer? photo-viewer path\to\gpgview.exe %i /title 0x%K.%t[%V] seems to get me the message:- gpg: system error while calling external program: No error gpg: unable to display photo ID! - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net The secret to creativity is knowing how to hide your sources. -BEGIN PGP SIGNATURE- iQF8BAEBCgBmBQJUkfPlXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwya0H/jVscH4wzZlQ4EqlhXJHOKvL 9Th8s/FR8SLcVhjJ8lH0FjOJCooq+QquqFrCMj7FZRo6mKmG403zNpSPv202CPke jFKBcuML9Kdxg/sHOQRhTWYuh/dAfbm/RBCJ3+1xx36F0v9pIvaGq0ViS8DwHMsB bYivIfDcvlYl70IS2D5cxMc7TgH6+mNogAmU7Lm8R+u2OpfK0XbWMV9F4Vi93V9M pZ3EffBRwMZqMVjXmdaSCqa9RMIjDqRJJiTOEBl+TsKgztg1sDhijqFIt88EkSXv eieqJx12oYyfa3ri6AyjOpF0VMlTVQVHQ+s0kXxB83WbP2vOg3Summ4fO8TmzNyI vgQBFgoAZgUCVJHz7V8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45O37AQBAm74Ib66ZbTWqSoD7uiPlBIk6 SG5wru7bfpv0ZZcj9QEAVGIhR34UcDoGXaj4NstNHYplD93pzoFqvsCEtnLaHQ0= =tvmk -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users