Portable version of modern GnuOG

2015-10-05 Thread Anthony Papillion 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

I'm working on a project that requires a portable version of GnuPG and
I'd like to use a modern version of it. As far as I can tell from
searching, GnuPG stopped being portable somewhere in the 1.4.x branch.
I'm wondering a few things:

1. If all I'll be using are the RSA and AES246 algorithms, is using a
1.4.x implementation that dangerous?

2. Does anyone know of a modern variant of GnuPG that is or could be
made portable?

Thanks,
Anthony

- -- 
Anthony Papillion
Phone: +1.845.666.3312
Skype: CajunTechie
SIP/VoIP:  17772471...@in.callcentric.com
PGP Key:   0x028ADF7453B04B15
Fingerprint:   C5CE E687 DDC2 D12B 9063 56EA 028A DF74 53B0 4B15


-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJWEs31AAoJEAKK33RTsEsVQQYP/jJnH/5C1wagZeo6Wm/fueUp
4/zKkhg3aTKzy0y97xdH4QPU6rSE9VTn7irNDOVrqT0XSCaHwOEqMfKaCIvAOtP0
DozFIcsXdd6MqBXqogFQL+INTxvb6gzdk/I4wAigEIKbvlljNcpQYGcLhl5W9Ism
xaS8St6R/7t2FcW+F+7YgrNxGF1Q8lRwCcXOPCvW5RA0CavX8nXhxZWC9qgbhbWD
+IzsnADC1PW3bFcZIu9LOWaPy2WzP083sJrzHF+Eq4CRFwKKgDEK+M5rWy0UQFzy
hyi4E8q3Daq8vROumQYfJpr/5rWMW0Od3d1hHS6XXcIO674sYpTDhn47YszXd4TI
ABobIdoJbfjuofeng4pRMw9dPFHFZwN8peZyy1O78BXQSpNzvoj2Y8TXhoeoHxgO
9jfpwTwC8AyFfM1u6Ls6dXxak9AakTAvWuNcaldAW8qiY0quHkjX4bBD0YqUrt5r
XU3qfNPl7tpORQ0K/hOffdz7WwpzH6V7Fmu1mZaHBUS29pvXhJtWVtZW1ImtMao4
0dUg0iC4LIdUcH8jYjwaysZJzY/+zcKxQVSHrrdxg0GvnW6WeTeFDE3erqfxD0Mp
pbOJAkxblA/igj0GNf/FSs0273NqbMxfMB18PjdMd1qM14U51bc2ZC5FWrpZNrCm
KU3HF1stLYyESdW5i2TO
=dhiA
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Is there a better way to change out of sync expiration dates?

2015-10-05 Thread Werner Koch 
On Mon,  5 Oct 2015 00:40, anth...@cajuntechie.org said:

> But I'm wondering if there's a more 'standard' way to do this.

You may enter the expiration date directly:

  20151231T12

to expire it on New Year's Eve at noon.  The 'T' is required.
You may also use this

  seconds=1451563200

if you prefer seconds since Epoch.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Sign/verify openssl RSA signatures

2015-10-05 Thread Werner Koch 
On Mon,  5 Oct 2015 01:43, the...@otpme.org said:

> Is it possible to create (and verify) PKCS1_PSS signatures with gpg
> that are compatible with openssl?

No.  Using gpgsm would be closer but I am not sure whether PSS is
supported.  Libgcrypt however supports this and you could write your
own tool.

Take care using raw signatures - it is not easy to get this right.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: How can it be made even easier!?

2015-10-05 Thread Don Saklad 
>> How can it be made even easier!?

ma...@wk3.org writes:
> CryptoParties are a good start from an educational standpoint.
>
> Whiteout.io and Pixelated are a good start from a technological 
standpoint.
>
  https://www.cryptoparty.in/location
  https://www.cryptoparty.in/parties/upcoming
  https://whiteout.io/
  https://pixelated-project.org/
>
>
> I think running Pixelated in a GAMP-certified environment would be a 
giant leap (very intentional) towards more confidential doctor-patient 
communication – and also a quite solid business model.
>
  https://en.wikipedia.org/wiki/Good_Automated_Manufacturing_Practice
>
>
> Sincerely,
> Malte

How could it be done so that presumptive background of folks with an
interest isn't presumed? A presumption of no background !

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Portable version of modern GnuOG

2015-10-05 Thread Neal H. Walfield 
At Mon, 5 Oct 2015 14:22:30 -0500,
Anthony Papillion wrote:
> I'm working on a project that requires a portable version of GnuPG and
> I'd like to use a modern version of it. As far as I can tell from
> searching, GnuPG stopped being portable somewhere in the 1.4.x branch.

GnuPG 2.x is still portable.  What platform are you targetting?  What
issues are you running into?

:) Neal

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

need advice - how to isolate gnupg trouble

2015-10-05 Thread Reid Vail 
Hello group -

I have two laptops running Linux Mint 17.2 and GPG 1.4.16 and Claws-Mail. Both
machines have the same Claws-mail plug-ins installed. However, on my primary 
machine
I can't get PKI encryption to work and on my secondary it worked the first time.

below is the message Claws kicks out, and the log messages --- sorry if there's 
a
lot 

I haven't messed with any of the GPG config files or intentionally made any 
changes.
Is it possible to re-install a component, or some how isolate the broken part 
:->  ?

thanks

Reid


"Couldn't encrypt the email: Encryption failed, General error
Use "Send queued messages" from the main window to retry."





[09:20:59] IMAP4< [FETCH data - 1261 bytes]
[09:20:59] IMAP4< [FETCH data - 1393 bytes]
[09:20:59] IMAP4< [FETCH data - 1393 bytes]
[09:20:59] IMAP4< [FETCH data - 646 bytes]
[09:20:59] IMAP4< 492 OK Success 
[09:20:59] IMAP4> 493 STATUS "[Gmail]/Drafts" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:20:59] IMAP4< * STATUS "[Gmail]/Drafts" (MESSAGES 8 UIDNEXT 3117 
UIDVALIDITY 596427651 UNSEEN 0) 
[09:20:59] IMAP4< 493 OK Success 
[09:20:59] IMAP4> 494 STATUS "[Gmail]/Important" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:20:59] IMAP4< * STATUS "[Gmail]/Important" (MESSAGES 1878 UIDNEXT 7316 
UIDVALIDITY 596427679 UNSEEN 5) 
[09:20:59] IMAP4< 494 OK Success 
[09:20:59] IMAP4> 495 SELECT "[Gmail]/Important" 
[09:20:59] IMAP4< * FLAGS (\Answered \Flagged \Draft \Deleted \Seen $ATTACHMENT 
$Forwarded $IGNORED $Label1 $NotPhishing $Phishing $SIGNED $TODO $WATCHED 
$has_cal $label2 $label5 Junk NonJunk NotJunk receipt-handled) 
[09:20:59] IMAP4< * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted 
\Seen $ATTACHMENT $Forwarded $IGNORED $Label1 $NotPhishing $Phishing $SIGNED 
$TODO $WATCHED $has_cal $label2 $label5 Junk NonJunk NotJunk receipt-handled 
\*)] Flags permitted. 
[09:20:59] IMAP4< * OK [UIDVALIDITY 596427679] UIDs valid. 
[09:20:59] IMAP4< * 1878 EXISTS 
[09:20:59] IMAP4< * 0 RECENT 
[09:20:59] IMAP4< * OK [UIDNEXT 7316] Predicted next UID. 
[09:20:59] IMAP4< * OK [HIGHESTMODSEQ 1793019] 
[09:20:59] IMAP4< 495 OK [READ-WRITE] [Gmail]/Important selected. (Success) 
[09:20:59] IMAP4- [fetching UIDs...]
[09:20:59] IMAP4> 496 UID FETCH 1:* (UID) 
[09:20:59] IMAP4< [FETCH data - 1393 bytes]



[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 1153 bytes]
[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 1162 bytes]
[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 1393 bytes]
[09:21:00] IMAP4< [FETCH data - 317 bytes]
[09:21:00] IMAP4< 497 OK Success 
[09:21:00] IMAP4> 498 STATUS "[Gmail]/Job Search" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:00] IMAP4< * STATUS "[Gmail]/Job Search" (MESSAGES 0 UIDNEXT 9 
UIDVALIDITY 596427684 UNSEEN 0) 
[09:21:00] IMAP4< 498 OK Success 
[09:21:00] IMAP4> 499 STATUS "[Gmail]/Saved" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:00] IMAP4< * STATUS "[Gmail]/Saved" (MESSAGES 4 UIDNEXT 46 UIDVALIDITY 
596427677 UNSEEN 0) 
[09:21:00] IMAP4< 499 OK Success 
[09:21:00] IMAP4> 500 STATUS "[Gmail]/Saved/Amazon orders" (MESSAGES UIDNEXT 
UIDVALIDITY UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Saved/Amazon orders" (MESSAGES 1 UIDNEXT 2 
UIDVALIDITY 596430315 UNSEEN 0) 
[09:21:01] IMAP4< 500 OK Success 
[09:21:01] IMAP4> 501 STATUS "[Gmail]/Saved/NYT subscription info" (MESSAGES 
UIDNEXT UIDVALIDITY UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Saved/NYT subscription info" (MESSAGES 6 
UIDNEXT 7 UIDVALIDITY 596430314 UNSEEN 3) 
[09:21:01] IMAP4< 501 OK Success 
[09:21:01] IMAP4> 502 STATUS "[Gmail]/Saved/Projects" (MESSAGES UIDNEXT 
UIDVALIDITY UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Saved/Projects" (MESSAGES 0 UIDNEXT 4 
UIDVALIDITY 596427703 UNSEEN 0) 
[09:21:01] IMAP4< 502 OK Success 
[09:21:01] IMAP4> 503 STATUS "[Gmail]/Sent Mail" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Sent Mail" (MESSAGES 154 UIDNEXT 5684 
UIDVALIDITY 596427647 UNSEEN 0) 
[09:21:01] IMAP4< 503 OK Success 
[09:21:01] IMAP4> 504 STATUS "[Gmail]/Spam" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Spam" (MESSAGES 54 UIDNEXT 26509 
UIDVALIDITY 596427652 UNSEEN 54) 
[09:21:01] IMAP4< 504 OK Success 
[09:21:01] IMAP4> 505 STATUS "[Gmail]/Starred" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:01] IMAP4< * STATUS "[Gmail]/Starred" (MESSAGES 21 UIDNEXT 254 
UIDVALIDITY 596427653 UNSEEN 0) 
[09:21:01] IMAP4< 505 OK Success 
[09:21:01] IMAP4> 506 STATUS "[Gmail]/Trash" (MESSAGES UIDNEXT UIDVALIDITY 
UNSEEN) 
[09:21:02] IMAP4< * STATUS "[Gmail]/Trash" (MESSAGES 29 UIDNEXT 21442 
UIDVALIDITY 596427649 UNSEEN 8) 
[09:21:02] IMAP4< 506 OK Success 
[09:21:02] IMAP4> 1006 STATUS INBOX (MESSAGES UIDNEXT UIDVALIDITY UNSEEN) 
[09:21:02] IMAP4< * STATUS "INBOX" (MESSAGES 639 UIDNEXT 2731 UIDVALIDITY 
1419255644 UNSEEN 0)

Re: How can it be made even easier!?

2015-10-05 Thread Robert J. Hansen 
> How could it be done so that presumptive background of folks with an
> interest isn't presumed? A presumption of no background !

If you're serious about "no background," I'd suggest by enrolling them
in a good preschool.  Everyone else will have a background: they might
be lawyers, doctors, teachers, carpenters, or what-have-you.  You can
assume basic fluency in English and a certain amount of formal
education.  They might be at a sixth-grade level in math or they might
all have graduate degrees, but there will be *some* background.

Find out what the common background is.  Then try asking your question
again.  Because, honestly, believing that people have *no* background is
a gross disrespect to them.  Learn their capabilities, and structure
your materials appropriately.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Sign/verify openssl RSA signatures

2015-10-05 Thread Daniel Roesler 
Not exactly what you're asking, but I was able to verify signature packets
on an OpenPGP public key using openssl.

https://github.com/diafygi/openpgp-python/blob/master/README.md#openssl-signature-verification

In order to learn the format better, I've been hacking together a very
rough OpenPGP parser in Python without using gpg. To verify signatures with
only openssl, you need to extract and convert the raw public RSA key to
pem  format, then dump the raw signature and data payload concatenation.

My code is really terrible, but feel free to read through it to see how I
calculate the public key pem (without an ASN.1 parser) and raw data
payload. Maybe that can give you some ideas on how to make gpg signatures
compatible with openssl.

Daniel

On Oct 4, 2015 4:44 PM,  wrote:
>
> Hi,
>
> i've googled a lot and i guess it is just not possible but i want to ask
this list before giving up.
>
> Is it possible to create (and verify) PKCS1_PSS signatures with gpg that
are compatible with openssl?
>
> The signatures are created with this commands:
> # Generate keys
> openssl genrsa -out priv.pem
> # Export public key
> openssl rsa -pubout -in priv.pem -out pub.pem
> # Create test file
> echo test123 > test.txt
> # Create signature
> openssl dgst -sha1 -sigopt rsa_padding_mode:pss -sigopt
rsa_pss_saltlen:-1 -sign priv.pem -out test.txt.sig test.txt
> # Verify signature
> openssl dgst -sha1 -sigopt rsa_padding_mode:pss -sigopt
rsa_pss_saltlen:-1 -verify pub.pem -signature test.txt.sig test.txt
>
> The reason for choosing openssl over gpg is the smooth support for RSA
signatures in python (pycrypto). Verifying a RSA (PKCS1 PSS) signature
requires just the public key which makes it easy to use especially when
verification of the signature must be done in a daemon.
>
> But there are also good reasons for using gpg on the client side because
its easy to use with smartcards (e.g. a yubikey). So my perfect setup would
be to be able to create signatures with gpg that can be verified with
openssl/pycrypto in my daemon.
>
> regards
> the2nd
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

asking for advice please - how to isolate gnupg trouble

2015-10-05 Thread Reid Vail 
Hello group -

I have two laptops running Linux Mint 17.2 and GPG 1.4.16 and Claws-Mail. Both
machines have the same Claws-mail plug-ins installed. However, on my primary 
machine
I can't get PKI encryption to work and on my secondary it worked the first time.

below is the message Claws kicks out, and the log messages are attached because 
the
formatting made them impossible to follow.  --- sorry if there's a lot 

I haven't messed with any of the GPG config files or intentionally made any 
changes.
Is it possible to re-install a component, or some how isolate the broken part 
:->  ?

thanks

Reid


"Couldn't encrypt the email: Encryption failed, General error
Use "Send queued messages" from the main window to retry."





log notes
Description: Binary data
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users