Re: Regarding Encryption through vb.net code using gpg
Hi Jagadeesh
The discussion here might be of help:
http://blog.hardeep.name/computer/20080904/auto-gpg/
Hardeep Singh
On Tue, Dec 8, 2009 at 6:52 PM, Jagadeesh Bantrotu
wrote:
> Hi,
>
>
>
> I am trying to encrypt the file using vb.net code but the data is not
> encrypting and it is not giving error. But if I do from cmd prompt the file
> is encrypted.
>
> Can you tell me what mistake I did in my code? I first used gpg version
> 1.4.9 with this version the code was not executed after that I tried with
> gpg version 1.2.0 but no use. Any one can help me ASAP.
>
>
>
> Dim vGPGExecutable As Variables
>
> Dts.VariableDispenser.LockOneForRead("GPGExecutable",
> vGPGExecutable)
>
> Dim gpgExecutable As String
>
> gpgExecutable = vGPGExecutable("GPGExecutable").Value.ToString
>
> vGPGExecutable.Unlock()
>
>
>
> Dim vHomeDir As Variables
>
> Dts.VariableDispenser.LockOneForRead("HomeDirectory", vHomeDir)
>
> Dim HomeDir As String
>
> HomeDir = vHomeDir("HomeDirectory").Value.ToString
>
> vHomeDir.Unlock()
>
>
>
> Dim vPassPhrase As Variables
>
> Dts.VariableDispenser.LockOneForRead("recipient", vPassPhrase)
>
> Dim recipient As String = vPassPhrase("recipient").Value.ToString
>
> vPassPhrase.Unlock()
>
>
>
> Dim outputFile As String =
> Dts.Connections("Encrypt").ConnectionString
>
> Dim inputfile As String = Dts.Connections("File").ConnectionString
>
>
>
>
>
> If System.IO.File.Exists(inputfile) = True Then
>
>
>
> Dim gpgOptions As String
>
>
>
> Dim optionsBuilder As StringBuilder = New StringBuilder()
>
> optionsBuilder.Append("--homedir ")
>
> optionsBuilder.Append(HomeDir)
>
> optionsBuilder.Append(" --yes --batch --armor --recipient ")
>
> optionsBuilder.Append(recipient)
>
> optionsBuilder.Append(" --no-verbose --output ")
>
> optionsBuilder.Append(outputFile)
>
> optionsBuilder.Append(" --always-trust")
>
> optionsBuilder.Append(" --encrypt ")
>
> optionsBuilder.Append(inputfile)
>
>
>
> gpgOptions = optionsBuilder.ToString()
>
>
>
> Dim process As Process = New Process()
>
> Dim streamWriter As StreamWriter
>
> Dim streamReader As StreamReader
>
> Dim err As StreamReader
>
>
>
> Dim prStartInfo As ProcessStartInfo = New
> ProcessStartInfo(gpgExecutable, gpgOptions)
>
> prStartInfo.UseShellExecute = False
>
> prStartInfo.RedirectStandardInput = True
>
> prStartInfo.RedirectStandardOutput = True
>
> prStartInfo.RedirectStandardError = True
>
> prStartInfo.CreateNoWindow = True
>
> process.StartInfo = prStartInfo
>
> process.Start()
>
> streamWriter = process.StandardInput
>
> streamReader = process.StandardOutput
>
> err = process.StandardError
>
> streamWriter.Close()
>
>
>
> Else
>
> Dim logConstr As String
>
> logConstr = Dts.Connections("Log File Connection
> String").ConnectionString
>
> Dim logfile As StreamWriter = New StreamWriter(logConstr, False)
>
> logfile.WriteLine("Fail to Find Records File to be Encrypted.")
>
> Dts.TaskResult = Dts.Results.Failure
>
>
>
> logfile.Close()
>
> End If
>
>
>
> Thanks&Regards,
>
> Jagadeesh B
>
>
> DISCLAIMER:
>
> This email may contain confidential information and is intended only for the
> use of the specific individual(s) to which it is addressed. If you are not
> the intended recipient of this email, you are hereby notified that any
> unauthorized use, dissemination or copying of this email or the information
> contained in it or attached to it is strictly prohibited. If you received
> this message in error, please immediately notify the sender at Infotech or
> mail.ad...@infotech-enterprises.com and delete the original message.
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Interesting article on password guessing via cloud computing
Hi David Vedaal and everyone This is something even I have thought: this seems to be a sure way to prevent such computing from being able to 'guess' the password. Why is then, parallel computing being haled as the antidote to privacy? Regards Hardeep Singh http://blog.Hardeep.name Sent from Delhi, India On Thu, Nov 5, 2009 at 8:35 PM, wrote: > David Shaw > wrote on 2009-11-04 18:34:49 : > >>This is not, of course, an OpenPGP "crack", but rather high-speed > >>password guessing. > > a trivial way to defeat this, > would be to provide each client with a pgp keypair, > (physically presented to the client upon the initial transaction > agreement), > and then encrypt the zipfile to a key and not even use a passphrase > > what would be even more interesting, > is if it could be done in a way that truecrypt uses to protect its > encrypted volumes, where the user can choose to use a keyfile as > well as a passphrase, but it cannot be determined before decryption > if a keyfile, passphrase, both or only one, has been used > > so, imagine if a client has a zipfile encrypted to both a trivial > password and to a pgp key, and it is not determinable from the > encrypted file itself, if it was encrypted to a key as well, > > all the cloud computing resources available will merrily spin > themselves into exhaustion ubtil they decide that the passphrase is > 'probably too long and complex to crack' > > > vedaal > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: beginner type questions
try gpg --gen-key --expert Hardeep Singh http://blog.Hardeep.name On Mon, Oct 5, 2009 at 9:37 PM, Durant, Dean wrote: > Hello, I noticed, on windows (which I truly despise), when I type > > C:\Documents and Settings\me\Application Data\gnupg>gpg --gen-key > > I get: > > gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc. (add'l > copyleft info) > > Please select what kind of key you want: > (1) RSA and RSA (default) > (2) DSA and Elgamal > (3) DSA (sign only) > (4) RSA (sign only) > > on ubuntu, I get these choices (the version of GPG is 2.0.9): > Please select what kind of key you want: > > (1) DSA and Elgamal (default) > (2) DSA (sign only) > (5) RSA (sign only) > > What is the difference? Isn't RSA better? > > I tried using apt-get to get the version on linux up to the same version # on > windows, and it wouldn't. > > Once you generate a key, is it bound to the email address supplied during > generation, so that, if someone else emails your key out, you won't be able > to decrypt something encrypted to their email? Or is the email address > completely uninvolved? > > Thanks, Dean > > > > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: questions: no input file, and pascal programming
The same can be done in Windows. Visit http://blog.hardeep.name/computer/20080828/linux-shell-on-windows/ this will give you the shell and the Echo commands that you need. Hardeep Singh http://blog.Hardeep.name On Sat, May 2, 2009 at 1:05 PM, Philip wrote: > I found that if I just type "gpg" I get this > "gpg: Go ahead and type your message ..." which looks promising but I > can't find any documentation on how to use it. > > Also this works in linux > "echo Mary had a little lamb|gpg --yes -eat -o test.txt.gpg -r [keyid]" > > but I don't know how to do something similar in dos/windows > > thanks, Philip > > John Clizbe wrote: >> Philip wrote: >>> Hi >>> I have some questions about gpg >>> 1. using gpg command line, can I pass data to be encrypted to gpg that >>> isn't in a file? For example if I want to encrypt "Mary had a little >>> lamb" to a an asc file but I don't want to put that text onto the hard >>> drive unencrypted first. >> >> gpg will behave as a pipe or if given no input, quietly wait for you to >> type something in. >> >>> 2. is there something like gpgme that can be used easily for pascal >>> programmers? >>> Personally I use freepascal and I just want to be able to select a key, >>> encrypt and decrypt from within my program. >>> If anyone knows of any opensource pascal programs that use gnupg it >>> would be appreciated. >> >> Pascal bindings should exist for the current gpgme, I've just not found >> them. >> >> I've worked with one pascal program that used gpgme bindings but it was >> code before gpgme API changed. I'd love to find updated bindings and >> save myself the effort of updating the old ones >> >> >> >> >> >> ___ >> Gnupg-users mailing list >> Gnupg-users@gnupg.org >> http://lists.gnupg.org/mailman/listinfo/gnupg-users > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
offtopic: need help from Mac owner
Hi All I need someone with a Safari browser to test something for me: it wont take more than 3 min. I have a webpage that unjumbles words, and which is somewhat popular. I am building a new version which is AJAX based and the prototype is ready. I have tested it on Opera, IE, Firefox (on Windows and Linux) but do not have a way to test on Safari. Please do the following: 1. Navigate to http://unjumble.seeingwithc.org/unjumx.php. 2. In the text box, enter 'llarec' (without quotes) and press enter. A wait icon should be shown, and afterwards 'caller' should be displayed. 3. In the text box, enter 'otalt' and this time, instead of pressing enter - press the Unjumble button. Same thing should happen, 'lotta' should be displayed. In no case should the form reload. Please let me know what happens. Regards Hardeep Singh http://blog.Hardeep.name ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt / Decrypt Scripts
so you were on Windows :-) you didnt mention it and I assumed *nix. Hardeep Singh http://blog.Hardeep.name On Wed, Oct 29, 2008 at 9:19 AM, Saltorr <[EMAIL PROTECTED]> wrote: > Thanks Hardeep, > > I think I found a very simple solution if the Command ends successfully > then the ERRORLEVEL will be ZERO (0) > > > REM Encrypt > > gpg --batch --encrypt-files -r "KEY" *.zip > > > echo.ERROR LEVEL: %ERRORLEVEL% > > IF %ERRORLEVEL% ==0 GOTO ZERO > IF %ERRORLEVEL% ==2 GOTO TWO > IF %ERRORLEVEL% ==1 GOTO ONE > > GOTO END > > :ZERO > ECHO ENCRYPTION_OKAY ! > del *.zip > GOTO END > > :TWO > ECHO PROCESS FAIL > SEND MAIL > GOTO END > > :ONE > ECHO PROCESS FAIL > SEND MAIL > > :END > > Regards, > Salvador Torres C. > > > -- > From: "Hardeep Singh" <[EMAIL PROTECTED]> > Sent: Tuesday, October 28, 2008 5:50 AM > To: "Salvador Torres" <[EMAIL PROTECTED]> > Cc: > Subject: Re: Encrypt / Decrypt Scripts > >> This may be of help, although it doesnt apply directly: >> >> http://blog.hardeep.name/computer/20080904/auto-gpg/ >> >> Hardeep Singh >> http://blog.Hardeep.name >> >> >> >> 2008/10/28 Salvador Torres <[EMAIL PROTECTED]>: >>> >>> Hi, >>> I'm trying to run some Scripts to Encrypt and Decrypt files >>> automatically.. >>> >>> now the questions are: >>> >>> How can I delete the *.ZIP files after this command is executed without >>> errors ? >>> >>> gpg --batch --encrypt-files -r "KEY" c:\test2\*.zip >>> >>> Same case here: >>> >>> How can I delete the *.gpg files after this command is executed without >>> errors and Successfully? >>> >>> gpg --passphrase-fd 0 --batch --decrypt-files *.gpg >> >>> Thanks, >>> SalTorr >>> ___ >>> Gnupg-users mailing list >>> Gnupg-users@gnupg.org >>> http://lists.gnupg.org/mailman/listinfo/gnupg-users >>> >>> > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Use of gen-random
I am sure people have still not explained at a level you would understand. Hence I am having a go. In physical terms entropy means the amount of disorder. Example, take a square box and add some white marbles to it. then add some black marbles. At this time all white marbles lie at the lower levels where as black marbles are at higher levels. Which means there is order, and entropy is less. Shake the box. Now entropy has increased. In the same way, when you work on the PC, entropy generating processes keep recording random data. For example each person has a different typing speed/habbit. This is used as one basis for entropy. Another way is disk access. When a process asks for random data, its given out of the pool. The story forward is well explained in the other replies. Hardeep Singh http://blog.Hardeep.name On Fri, Oct 31, 2008 at 11:01 PM, Michael <[EMAIL PROTECTED]> wrote: > Hi all, I was trying out one of the options of gpg, as it arose during > a discussion on the group. > > gpg --gen-random [012] n > > does what I would reasonably expect: generates 'n' random bits of data > using one of three methods. However, on reading up the option in the man > page it mentions the possibility of "removing entropy from your system". > > Actually, from the man page: > > --gen-random 0|1|2 > Emit _ random bytes of the given quality level. If > > count is not given or zero, an endless sequence of > random bytes will be emitted. PLEASE, don't use this > command unless you know > what you are doing; it may > remove precious entropy from the system! > > > Now I'll admit openly I don't always know /exactly/ what I am doing, > but am prepared to make mistakes to learn. At first I thought perhaps > the documentation writers were having a bit of a joke a la many unix > man pages have a geeky sense of humour. But on reflection I realise > that they are being serious here. > > So I am curious, how might I _lose_ entropy by _generating_ random > numbers? What do each of the three methods do? > > So I experiment, and generate a small number (20 bits) of random > numbers at the command line as per > gpg --gen-random 0 20 > and it outputs what looks like gibberish to me. I won't copy the > actual output simply because anyone can do this experiment for > themselves to see the sort of output you get. > > But when I use the 2 method, I get an error/warning about running > diskperf in order to generate disk statistics. Well, I don't have > diskperf on my windows system (though there may well be a win version, I > don't know). What I am concerned about is why it might want disk > statistics and have I "lost precious entropy" from my system? > > Let me say, I'm partly humorous here; if I understand roughly what is > happening, then the danger is to not set a specific number of bits and > hence run the risk of gen-random simply emitting random data until it > eventually somehow 'overflows the available randomness' inherent in my > system. But simply outputting 20 random bits wouldn't risk doing that, so > my little experiment is fairly safe. Since it doesn't go much into the > details in the man page about what the methods are, and what the risk > actually is (it may be highly technical and hence beyond the scope of a > manual) it seems appropriate to ask in this forum, since it came up. > > Although my background is technical, and I can understand mathematical > expressions, I don't read source code for breakfast and am really more > curious about the engineering details of what is going on rather than a > mathematical description. Where does gpg "gather" it's randomness, and > just how much is available in a simple system such as mine? > > And just finally, may I take the opportunity to say how much I enjoy > the various discussions in this group, generally the quality of the > questions and the help has consistently been excellent. > > Cheers for now, > Michael Kortvelyesy. > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt / Decrypt Scripts
This may be of help, although it doesnt apply directly: http://blog.hardeep.name/computer/20080904/auto-gpg/ Hardeep Singh http://blog.Hardeep.name 2008/10/28 Salvador Torres <[EMAIL PROTECTED]>: > Hi, > I'm trying to run some Scripts to Encrypt and Decrypt files automatically.. > > now the questions are: > > How can I delete the *.ZIP files after this command is executed without > errors ? > > gpg --batch --encrypt-files -r "KEY" c:\test2\*.zip > > Same case here: > > How can I delete the *.gpg files after this command is executed without > errors and Successfully? > > gpg --passphrase-fd 0 --batch --decrypt-files *.gpg > Thanks, > SalTorr > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem running automated gpg
Tried to figure this one out, but no direct clue. My suggestions:
create a shell script and call the shell script from perl, rather than
directly calling gpg with all the parameters. Second, try to print the
current user from within perl similarly as printing ~. These two might
give you some clue.
Hardeep Singh
http://blog.Hardeep.name
2008/10/22 Adam Robins <[EMAIL PROTECTED]>:
> Hello,
>
>
>
> I have a perl script called encrypt.pl that runs gpg as follows:
>
>
>
> system("gpg -r 'username' --batch --encrypt-files 'filename.ext'
> 2>gpgerr.log");
>
>
>
> When I run this from the console as root it works fine. However, if I run
> it from cron as root:
>
>
>
> */1 * * * * root /home/user/scripts/encrypt.pl 2> gpgerr.log
>
>
>
> I get the following error:
>
>
>
> gpg: failed to create temporary file
> `~/.gnupg/.#lk0x9693868.server.domain.com.28416': No such file or directory
>
> gpg: fatal: ~/.gnupg: can't create directory: No such file or directory
>
> secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768
>
>
>
> The directory "/root/.gnupg" is there. Permissions are drwx-- root
> root. I also tried chmod 777.
>
>
>
> If I put a command in the perl script:
>
>
>
> System('echo ~');
>
>
>
> I get "/root" as a result. This leads me to believe that gpg is trying to
> place the temp file in a directory other than "/root/.gnupg" when run from
> cron.
>
>
>
> Any ideas are appreciated.
>
>
>
> Thanks,
>
> Adam
>
>
>
> _
> Adam Robins, CCP
> Executive Vice President / Chief Information Officer
>
> PHARMACENTRA, LLC
> 5901B Peachtree Dunwoody Road, Suite 380
> Atlanta, GA 30328
>
>
>
> Office: 770-395-0088 x2034
>
> Mobile: 770-855-1360
> Fax: 770-395-0989
> E-mail: [EMAIL PROTECTED]
>
> Web:www.pharmacentra.com
>
> _
>
>
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Someone has harvested my address
http://blog.hardeep.name/computer/20080806/spam-gmail/ This is one way to avoid this. Have a "public" address and a private address. Redirect email from the public address to the real (private) one when the "from" field matches that of the lists you subscribe to. On Sun, Sep 7, 2008 at 7:08 PM, Bill Royds <[EMAIL PROTECTED]> wrote: > > On 7-Sep-08, at 05:50 , Phil Reynolds wrote: > >> It seems that somebody has harvested this address, as I received an >> off-list spam to it. > > > If you have added that address to a public PGP key server, that will be the > reason. spammers have been harvesting key servers within the pgp.net domain > for several years. > > As well, anything sent to a public list like this may be archived on web > pages, inviting harvest for spam. > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Hardeep Singh http://blog.Hardeep.name ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Comments please
Hi All For your comments, suggestions for improvement: http://blog.hardeep.name/computer/20080904/auto-gpg/ Thanks & Regards Hardeep Singh http://blog.Hardeep.name ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Automate decryption
Hi This question pops up from time to time. I have written a blog post on this: http://blog.hardeep.name/computer/20080904/auto-gpg/ I havent added details on how to secure the passphrase and key file - but maybe I can do that. Please send in comments - better if you post them on the blog itself. Regards Hardeep On Fri, Aug 29, 2008 at 10:34 PM, Robert J. Hansen <[EMAIL PROTECTED]> wrote: > Duwaine Robinson wrote: >> I want to automate decryption with GnuPG and I am not sure how is the >> best way to go about handling the passphrase. Anybody have any ideas, >> suggestions or any failed attempts to speak of? > > It's fairly easy to automate things with Perl. Biggest concern will be > keeping the file unreadable by other users, though, since your > passphrase will be in the file. > > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Hardeep Singh http://blog.Hardeep.name ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: playing with cryptography...
Hi > The OpenPGP trust model is a proper superset of the centralized hierarchical > trust model most often seen in the X.509 world. Several years ago Matt Blaze > made the observation that commercial CAs will protect you against anyone who > that CA refuses to accept money from. > Well, that may be true, but there are currently no options that are significantly better. The WOT model used by GPG is better? Maybe, but not significantly. > Most Class I Certificates only prove you have control of the email address. > Not > that you actually are who the name and email purport to be. There is nothing that can prove who you say you are. State provided ID cards only prove that you were able to convince the system that you have a specific name. Let me know if you feel differently. Regards Hardeep ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
RE: Corporate use of gnupg
Hi All Isnt it pretty easy to have a script on the server (try to) decrypt each email. If the email decrypts, fine else not allow the email to go through. That will force people to retain the option in conf file if they want their message to reach. Regards Hardeep Singh http://www.SeeingWithC.org/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Shaw Sent: Tuesday, February 19, 2008 7:04 PM To: gnupg-users@gnupg.org Subject: Re: Corporate use of gnupg On Fri, Feb 15, 2008 at 07:00:12PM -0800, Texaskilt wrote: > > I guess what we are wanting is for every mail user to have their own > public/private key. This way they can encrypt their own email on the > corporate system. > > In addition, every email would also be encrypted using the "corporate key" > that would be in the hands of a select few (supposedly). > > For example, the sales force can send encrypted mail to each other, > but when a salesperson leaves the company, the Email Admin can > retreive and decrypt the email so that the salesperson's replacement > can pick up their accounts without too much disruption. > > Looks like this is ADK. Is there any way to do this on gpg? Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf. Of course, they could turn around and take it right out again. Unless you have pretty tight control over the environment, ADKs or encrypt-tos are not foolproof (and that applies to both PGP and GPG). As I said before, note that this isn't safe because of the crypto math. It's "safe" because you can fire people who don't do it. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users DISCLAIMER: --- The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any mail and attachments please check them for viruses and defect. --- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
SPOJ signature - may be offtopic
Hi The Sphere online judge is signing the certificates like this: http://www.spoj.pl/status/hardeeps/signedlist/ I am not able to understand if this is a simple hash of the contents, or if this is a gpg-based sign (it doesnt look like correct format). There is no public key on their site. Could anyone try and understand what kind of signature this is, what hash function is used? Just hashing the content doesnt prove anything - anybody could change both the content and the hash. Thanks & Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Prime searching
Hi Could any one tell me the high-level prime search method employed by GPG? Is it something like this: - generate a random number - is it prime? if yes, use it - if not, continue adding ones to it until a prime number is found Also, which algorithm is used by GPG for testing primality? Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Social networking
Hi All Current social networking sites have a major problem: anybody can download your photograph and related details, edit them to his wish, and repost on the same site. I would suggest the following: building of, or using an existing WOT and each person wishing to join the social networking site be asked to get his profile (photo, name, DOB and some basic details) signed by three people already in the WOT. Once this is done, a centralised identity, sign the profile having verified the signatures by the other three people. Uploads of the photo and profile to any social networking site would then require a profile signed by the centralised authority. An exchange of any secret can be done to ensure that the person uploading the profile is the owner, and the basic details entered by the uploader verified against those in the profile. Does this make sense? Is there a way to make this work without the centralised identity? Regards Hardeep ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Offtopic: Compiling a Windows program for Linux
Hi This is offtopic, but since all I am seeking is broad guidelines and a lot of people here compile programs on Linux, I thought it easier than to join a new list. I have the source of a program about 2000 lines big, written for windows. How much of an effort would it be, and what would be the major changes needed in the source to have it compile for Linux. Also, if someone could show me the command line needed to compile it, given the source, the resource header and the .RC file that would be great using GCC. The following code needs changes in my opinion: 1. The program uses the registry to store persistent values. It would need to change to use a config file. 2. The file access path needs to use the unix file structure 3. The code to access the save and other standard dialogs needs to change? 4. Can I continue to use windows.h? If not, what would it be replaced with? 5. The program allows saving a part of the screen to a bitmap. Can someone tell me if that part of the code needs to change? And if so, how. Thanks & Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Decrypt only if signed
Hi I am writing a batch script and the basic requirement is that GPG should only decrypt the file if its signed by using one of the keys in the keyring. If it has not been signed, just encrypted, it should leave it encrypted and not decrypt it. The additional requirement, if possible, is that it should only decrypt if signed by a specific KEY ID. Please let me know if this is possible through GPG with some shell scripting if needed. Thanks & Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Fwd: ECC - how does it compare
Hi All Thanks for your thoughts. I was also looking forward to your comments on what NSA is saying. For one, they claim RSA is "old" even with longer keys. Why are they making a case for ECC. Is it easier to crack. Another thing I could think of us that ECC key generation is like a one-way hash. If you input the same password, given the same curve, the key generated will always be the same. So, basically, there is no randomness involved in key generation. Doesnt that make ECC more prone to dictionary attacks? Regards Hardeep -- Forwarded message ------ From: Hardeep Singh <[EMAIL PROTECTED]> Date: Oct 29, 2007 11:05 PM Subject: ECC - how does it compare To: gnupg-users@gnupg.org Hi All I recently looked at software called 'seccure' which is available for linux. Its a tool for public key encryption using ECC rather than prime number factoring. http://www.nsa.gov/ia/industry/crypto_elliptic_curve.cfm Here NSA is making a case for ECC. One advantage that does seem to exist is that there is no need to persistently store any part of the key - so the threat of someone meddling with your key on the pen drive seems to be removed. What do you all think about this? Should we start building an ECC WOT? :-) Regards Hardeep Singh -- Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
ECC - how does it compare
Hi All I recently looked at software called 'seccure' which is available for linux. Its a tool for public key encryption using ECC rather than prime number factoring. http://www.nsa.gov/ia/industry/crypto_elliptic_curve.cfm Here NSA is making a case for ECC. One advantage that does seem to exist is that there is no need to persistently store any part of the key - so the threat of someone meddling with your key on the pen drive seems to be removed. What do you all think about this? Should we start building an ECC WOT? :-) Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Converting ascii armored signature to cleartext
How do we do that? On 6/27/07, David Shaw <[EMAIL PROTECTED]> wrote: > On Mon, Jun 25, 2007 at 02:06:55PM +0200, Werner Koch wrote: > > On Sun, 24 Jun 2007 12:07, [EMAIL PROTECTED] said: > > > > > If someone sends me an ASCII armoured file with some signed text, can > > > I convert it into cleartext sign so that I can display it to people > > > without GPG also? > > > > In general not because the canonicalization is different between the > > formats. A conversion would break the signature. > > Interestingly enough, while you can't always go from a signed file to > a clearsigned file, you can safely do the opposite of what the > original poster asked: converting from cleartext to a signed file > (armored or not) is possible. > > (I'm not sure when someone would want to do this, but...) > > David > -- Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Converting ascii armored signature to cleartext
Hi If someone sends me an ASCII armoured file with some signed text, can I convert it into cleartext sign so that I can display it to people without GPG also? Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: PGP software pirated
> Even if the PGP license key was somehow compromised (which I highly > doubt), it does not follow that "probably our keys can also be > cracked". Why not? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Revoke and expire
Hi When a key is revoked using the revocation certificate, does it have the same effect as reaching the expiry date of the key? In other words if I set a key to no expire but generate a revocation certificate, it is equally safe? Regards Hardeep ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
PGP software pirated
Hi All Someone gave me a PGP signed message that unlocks the paid version of PGP. Just to be sure it worked, I tried it and then uninstalled the software (I dont use pirated stuff, GPG is much better for me). However, does this mean that someone was able to find the private key for the key PGP uses to sign licenses? If that could be found, then probably our keys can also be cracked. While I personally find this impossible, I want to know how the hackers were able to give me a signed message? Is it possible they tweaked PGP to use their private key instead of PGPs and hence PGP is not really broken? Regards Hardeep Singh ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Questions from a newbie
Hi All I need to travel a lot and send emails/proposals on the go. Mostly I just carry my docs on a pendrive, rarely also carrying a laptop. So even though I have known PGP for quite a long time and I tried my hand at it, also at thawte, I never took it seriously since PGP needs to be installed and all. Now I found GnuPG and liked it - its small and can be carried on the pendrive easily. I have a few questions: 1. While creating the key, I noticed RSA is sign only. Does it mean an RSA key cannot be used to encrypt? Why so - even RSA is now in public domain I believe. PGP (the free version) also allows RSA keys. The algorithm used instead by GnuPG is "DSA and Elgamal' which I havent heard of and dont know if they are equally secure. Are these compatible with PGP? 2. What happens if I loose the pendrive? They would not know the password but they would have the secret key. Does it make it easier for them to hack the messages I have already received, and possibly the encrypted files I have stored on the same pendrive? 3. Is there a wipe function or a wipe software also available from Gnu similar to the one offered by PGP? I need one that can be run from a pendrive without installation. Regards Hardeep Singh Give your resume visibility. Get a home for it. Resume Central. http://RC.Hardeep.name ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
