-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brian Mearns wrote: > On Wed, Jun 24, 2009 at 9:59 AM, Peter Pentchev<[email protected]> wrote: >> On Wed, Jun 24, 2009 at 02:21:29AM -0700, littleBrain wrote: >>> Does anyone have the UNIX API documentation for GPG? >>>
/***SNIP***/ > response? Not that this won't work, it just seems so inelegant. Does > anyone know of efforts to right an actual free-software library that > implements OpenPGP? > > -Brian > Dear Brian This is the core math of OpenPGP bash-3.00$ gpg --version Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 === If used apart from manually invoked messages and files, and without the use of a proper passphrase, manually keyed. I don't think it would be much useful. It would be much the same as saving your passphrase or even typing it in the source code. But this is known to me. http://www.gnu.org/software/gnutls/ http://gmplib.org/ # I'm involved here http://www.opentls.org/ OpenTLS is a project to replace OpenSSL, and is divided in three smaller packages, NetCrypto, NetPKI and NetTLS. It's been worked on since the autumn 2003, and at the time of writing, the last major part of NetCrypto is being worked on. The other two components are still entirely vaporware, hardly even at the planning stage. It was known from the beginning that this project would evolve slowly. === for live applications which runs distributed like OpenVPN or skype or sip-communicator, this paper tells some interesting stuff: http://www.davidpashley.com/articles/cert-authority.html this is for running applications distributed over then net, eg client server computing and what needs a passphrase when loggin on the network. Human authentication like in OpenPGP is essential. if a piece of software is to do the authentication, you may even save to hard disk the files. But I cannot figure any understandable benefit for that. Why do you want the software to encrypt unlike PGP, which encrypts with a human token called the passphraze? Example bash-3.00$ touch somethingIdliketohide.txt bash-3.00$ gpg -c somethingIdliketohide.txt # I am prompted twice for my passphraze, # which would be silly to put in any sourcecode. gpg: WARNING: `somethingIdliketohide.txt' is an empty file bash-3.00$ ls -l somethingIdliketohide.txt* - -rw-r--r-- 1 morten other 0 Jun 24 20:27 somethingIdliketohide.txt - -rw-r--r-- 1 morten other 64 Jun 24 20:27 somethingIdliketohide.txt.gpg bash-3.00$ you may even use gpg -c --cipher-algo AES256 If you prefer. Morten -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (SunOS) Comment: For keyID and its URL see the OpenPGP message header iEYEARECAAYFAkpCcXcACgkQ9ymv2YGAKVQDQgCfQmanJJufz4fNBSbOzh0Rjl6z Nj4AoNGdG+81SFyE4dgllhKU/1WLvOhY =L8/L -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
