Portable version of modern GnuOG
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'm working on a project that requires a portable version of GnuPG and I'd like to use a modern version of it. As far as I can tell from searching, GnuPG stopped being portable somewhere in the 1.4.x branch. I'm wondering a few things: 1. If all I'll be using are the RSA and AES246 algorithms, is using a 1.4.x implementation that dangerous? 2. Does anyone know of a modern variant of GnuPG that is or could be made portable? Thanks, Anthony - -- Anthony Papillion Phone: +1.845.666.3312 Skype: CajunTechie SIP/VoIP: 17772471...@in.callcentric.com PGP Key: 0x028ADF7453B04B15 Fingerprint: C5CE E687 DDC2 D12B 9063 56EA 028A DF74 53B0 4B15 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJWEs31AAoJEAKK33RTsEsVQQYP/jJnH/5C1wagZeo6Wm/fueUp 4/zKkhg3aTKzy0y97xdH4QPU6rSE9VTn7irNDOVrqT0XSCaHwOEqMfKaCIvAOtP0 DozFIcsXdd6MqBXqogFQL+INTxvb6gzdk/I4wAigEIKbvlljNcpQYGcLhl5W9Ism xaS8St6R/7t2FcW+F+7YgrNxGF1Q8lRwCcXOPCvW5RA0CavX8nXhxZWC9qgbhbWD +IzsnADC1PW3bFcZIu9LOWaPy2WzP083sJrzHF+Eq4CRFwKKgDEK+M5rWy0UQFzy hyi4E8q3Daq8vROumQYfJpr/5rWMW0Od3d1hHS6XXcIO674sYpTDhn47YszXd4TI ABobIdoJbfjuofeng4pRMw9dPFHFZwN8peZyy1O78BXQSpNzvoj2Y8TXhoeoHxgO 9jfpwTwC8AyFfM1u6Ls6dXxak9AakTAvWuNcaldAW8qiY0quHkjX4bBD0YqUrt5r XU3qfNPl7tpORQ0K/hOffdz7WwpzH6V7Fmu1mZaHBUS29pvXhJtWVtZW1ImtMao4 0dUg0iC4LIdUcH8jYjwaysZJzY/+zcKxQVSHrrdxg0GvnW6WeTeFDE3erqfxD0Mp pbOJAkxblA/igj0GNf/FSs0273NqbMxfMB18PjdMd1qM14U51bc2ZC5FWrpZNrCm KU3HF1stLYyESdW5i2TO =dhiA -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Is there a better way to change out of sync expiration dates?
On Mon, 5 Oct 2015 00:40, anth...@cajuntechie.org said: > But I'm wondering if there's a more 'standard' way to do this. You may enter the expiration date directly: 20151231T12 to expire it on New Year's Eve at noon. The 'T' is required. You may also use this seconds=1451563200 if you prefer seconds since Epoch. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Sign/verify openssl RSA signatures
On Mon, 5 Oct 2015 01:43, the...@otpme.org said: > Is it possible to create (and verify) PKCS1_PSS signatures with gpg > that are compatible with openssl? No. Using gpgsm would be closer but I am not sure whether PSS is supported. Libgcrypt however supports this and you could write your own tool. Take care using raw signatures - it is not easy to get this right. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can it be made even easier!?
>> How can it be made even easier!? ma...@wk3.org writes: > CryptoParties are a good start from an educational standpoint. > > Whiteout.io and Pixelated are a good start from a technological standpoint. > https://www.cryptoparty.in/location https://www.cryptoparty.in/parties/upcoming https://whiteout.io/ https://pixelated-project.org/ > > > I think running Pixelated in a GAMP-certified environment would be a giant leap (very intentional) towards more confidential doctor-patient communication – and also a quite solid business model. > https://en.wikipedia.org/wiki/Good_Automated_Manufacturing_Practice > > > Sincerely, > Malte How could it be done so that presumptive background of folks with an interest isn't presumed? A presumption of no background ! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Portable version of modern GnuOG
At Mon, 5 Oct 2015 14:22:30 -0500, Anthony Papillion wrote: > I'm working on a project that requires a portable version of GnuPG and > I'd like to use a modern version of it. As far as I can tell from > searching, GnuPG stopped being portable somewhere in the 1.4.x branch. GnuPG 2.x is still portable. What platform are you targetting? What issues are you running into? :) Neal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
need advice - how to isolate gnupg trouble
Hello group - I have two laptops running Linux Mint 17.2 and GPG 1.4.16 and Claws-Mail. Both machines have the same Claws-mail plug-ins installed. However, on my primary machine I can't get PKI encryption to work and on my secondary it worked the first time. below is the message Claws kicks out, and the log messages --- sorry if there's a lot I haven't messed with any of the GPG config files or intentionally made any changes. Is it possible to re-install a component, or some how isolate the broken part :-> ? thanks Reid "Couldn't encrypt the email: Encryption failed, General error Use "Send queued messages" from the main window to retry." [09:20:59] IMAP4< [FETCH data - 1261 bytes] [09:20:59] IMAP4< [FETCH data - 1393 bytes] [09:20:59] IMAP4< [FETCH data - 1393 bytes] [09:20:59] IMAP4< [FETCH data - 646 bytes] [09:20:59] IMAP4< 492 OK Success [09:20:59] IMAP4> 493 STATUS "[Gmail]/Drafts" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:20:59] IMAP4< * STATUS "[Gmail]/Drafts" (MESSAGES 8 UIDNEXT 3117 UIDVALIDITY 596427651 UNSEEN 0) [09:20:59] IMAP4< 493 OK Success [09:20:59] IMAP4> 494 STATUS "[Gmail]/Important" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:20:59] IMAP4< * STATUS "[Gmail]/Important" (MESSAGES 1878 UIDNEXT 7316 UIDVALIDITY 596427679 UNSEEN 5) [09:20:59] IMAP4< 494 OK Success [09:20:59] IMAP4> 495 SELECT "[Gmail]/Important" [09:20:59] IMAP4< * FLAGS (\Answered \Flagged \Draft \Deleted \Seen $ATTACHMENT $Forwarded $IGNORED $Label1 $NotPhishing $Phishing $SIGNED $TODO $WATCHED $has_cal $label2 $label5 Junk NonJunk NotJunk receipt-handled) [09:20:59] IMAP4< * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen $ATTACHMENT $Forwarded $IGNORED $Label1 $NotPhishing $Phishing $SIGNED $TODO $WATCHED $has_cal $label2 $label5 Junk NonJunk NotJunk receipt-handled \*)] Flags permitted. [09:20:59] IMAP4< * OK [UIDVALIDITY 596427679] UIDs valid. [09:20:59] IMAP4< * 1878 EXISTS [09:20:59] IMAP4< * 0 RECENT [09:20:59] IMAP4< * OK [UIDNEXT 7316] Predicted next UID. [09:20:59] IMAP4< * OK [HIGHESTMODSEQ 1793019] [09:20:59] IMAP4< 495 OK [READ-WRITE] [Gmail]/Important selected. (Success) [09:20:59] IMAP4- [fetching UIDs...] [09:20:59] IMAP4> 496 UID FETCH 1:* (UID) [09:20:59] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1153 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1162 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 1393 bytes] [09:21:00] IMAP4< [FETCH data - 317 bytes] [09:21:00] IMAP4< 497 OK Success [09:21:00] IMAP4> 498 STATUS "[Gmail]/Job Search" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:00] IMAP4< * STATUS "[Gmail]/Job Search" (MESSAGES 0 UIDNEXT 9 UIDVALIDITY 596427684 UNSEEN 0) [09:21:00] IMAP4< 498 OK Success [09:21:00] IMAP4> 499 STATUS "[Gmail]/Saved" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:00] IMAP4< * STATUS "[Gmail]/Saved" (MESSAGES 4 UIDNEXT 46 UIDVALIDITY 596427677 UNSEEN 0) [09:21:00] IMAP4< 499 OK Success [09:21:00] IMAP4> 500 STATUS "[Gmail]/Saved/Amazon orders" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Saved/Amazon orders" (MESSAGES 1 UIDNEXT 2 UIDVALIDITY 596430315 UNSEEN 0) [09:21:01] IMAP4< 500 OK Success [09:21:01] IMAP4> 501 STATUS "[Gmail]/Saved/NYT subscription info" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Saved/NYT subscription info" (MESSAGES 6 UIDNEXT 7 UIDVALIDITY 596430314 UNSEEN 3) [09:21:01] IMAP4< 501 OK Success [09:21:01] IMAP4> 502 STATUS "[Gmail]/Saved/Projects" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Saved/Projects" (MESSAGES 0 UIDNEXT 4 UIDVALIDITY 596427703 UNSEEN 0) [09:21:01] IMAP4< 502 OK Success [09:21:01] IMAP4> 503 STATUS "[Gmail]/Sent Mail" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Sent Mail" (MESSAGES 154 UIDNEXT 5684 UIDVALIDITY 596427647 UNSEEN 0) [09:21:01] IMAP4< 503 OK Success [09:21:01] IMAP4> 504 STATUS "[Gmail]/Spam" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Spam" (MESSAGES 54 UIDNEXT 26509 UIDVALIDITY 596427652 UNSEEN 54) [09:21:01] IMAP4< 504 OK Success [09:21:01] IMAP4> 505 STATUS "[Gmail]/Starred" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:01] IMAP4< * STATUS "[Gmail]/Starred" (MESSAGES 21 UIDNEXT 254 UIDVALIDITY 596427653 UNSEEN 0) [09:21:01] IMAP4< 505 OK Success [09:21:01] IMAP4> 506 STATUS "[Gmail]/Trash" (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:02] IMAP4< * STATUS "[Gmail]/Trash" (MESSAGES 29 UIDNEXT 21442 UIDVALIDITY 596427649 UNSEEN 8) [09:21:02] IMAP4< 506 OK Success [09:21:02] IMAP4> 1006 STATUS INBOX (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) [09:21:02] IMAP4< * STATUS "INBOX" (MESSAGES 639 UIDNEXT 2731 UIDVALIDITY 1419255644 UNSEEN 0)
Re: How can it be made even easier!?
> How could it be done so that presumptive background of folks with an > interest isn't presumed? A presumption of no background ! If you're serious about "no background," I'd suggest by enrolling them in a good preschool. Everyone else will have a background: they might be lawyers, doctors, teachers, carpenters, or what-have-you. You can assume basic fluency in English and a certain amount of formal education. They might be at a sixth-grade level in math or they might all have graduate degrees, but there will be *some* background. Find out what the common background is. Then try asking your question again. Because, honestly, believing that people have *no* background is a gross disrespect to them. Learn their capabilities, and structure your materials appropriately. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Sign/verify openssl RSA signatures
Not exactly what you're asking, but I was able to verify signature packets on an OpenPGP public key using openssl. https://github.com/diafygi/openpgp-python/blob/master/README.md#openssl-signature-verification In order to learn the format better, I've been hacking together a very rough OpenPGP parser in Python without using gpg. To verify signatures with only openssl, you need to extract and convert the raw public RSA key to pem format, then dump the raw signature and data payload concatenation. My code is really terrible, but feel free to read through it to see how I calculate the public key pem (without an ASN.1 parser) and raw data payload. Maybe that can give you some ideas on how to make gpg signatures compatible with openssl. Daniel On Oct 4, 2015 4:44 PM,wrote: > > Hi, > > i've googled a lot and i guess it is just not possible but i want to ask this list before giving up. > > Is it possible to create (and verify) PKCS1_PSS signatures with gpg that are compatible with openssl? > > The signatures are created with this commands: > # Generate keys > openssl genrsa -out priv.pem > # Export public key > openssl rsa -pubout -in priv.pem -out pub.pem > # Create test file > echo test123 > test.txt > # Create signature > openssl dgst -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -sign priv.pem -out test.txt.sig test.txt > # Verify signature > openssl dgst -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -verify pub.pem -signature test.txt.sig test.txt > > The reason for choosing openssl over gpg is the smooth support for RSA signatures in python (pycrypto). Verifying a RSA (PKCS1 PSS) signature requires just the public key which makes it easy to use especially when verification of the signature must be done in a daemon. > > But there are also good reasons for using gpg on the client side because its easy to use with smartcards (e.g. a yubikey). So my perfect setup would be to be able to create signatures with gpg that can be verified with openssl/pycrypto in my daemon. > > regards > the2nd > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
asking for advice please - how to isolate gnupg trouble
Hello group - I have two laptops running Linux Mint 17.2 and GPG 1.4.16 and Claws-Mail. Both machines have the same Claws-mail plug-ins installed. However, on my primary machine I can't get PKI encryption to work and on my secondary it worked the first time. below is the message Claws kicks out, and the log messages are attached because the formatting made them impossible to follow. --- sorry if there's a lot I haven't messed with any of the GPG config files or intentionally made any changes. Is it possible to re-install a component, or some how isolate the broken part :-> ? thanks Reid "Couldn't encrypt the email: Encryption failed, General error Use "Send queued messages" from the main window to retry." log notes Description: Binary data ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users