Re: File name seen by gpg

2018-10-31 Thread Werner Koch 
On Wed, 31 Oct 2018 01:33, alvaro@gmail.com said:
> It seems I was not looking at the right keywords when I searched, because I 
> couldn't find that option before.

Note that the filename stored with the encrypted or signed data is not
even convered by the signature.  Thus it is possible to anyone to change
the filename in a signed file and trick the recipient into creating a
file of that name.  This is why gpg does not use that name for the
output file.



Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpUAA1bXX4SG.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

RE: File name seen by gpg

2018-10-30 Thread Alvaro Martínez 
It seems I was not looking at the right keywords when I searched, because I 
couldn't find that option before.

Thanks for your reply. I ended up discarding the possibility of re-generating 
these files, because I kept reading and found that GPG by default adds a salt 
to the passphrase, meaning there is no way for me to generate the same cypher 
text again. I'm not even sure I should rely on that, by the way, so I'll have 
to design a more robust system for my long-term backups :)


-Original Message-
From: MFPA [mailto:2017-r3sgs86x8e-lists-gro...@riseup.net] 
Sent: Sunday, October 28, 2018 11:06 AM
To: Alvaro Martínez on GnuPG-Users 
Cc: Alvaro Martínez 
Subject: Re: File name seen by gpg

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Thursday 25 October 2018 at 9:29:35 PM, in
,
Alvaro Martínez wrote:-


> Is there any way to tell GPG which name it should use
> for the input
> file in the encrypted data?

Maybe it's 
https://gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html#index-set_002dfilename

  --set-filename string

 Use string as the filename which is stored inside
 messages. This overrides the default, which is to use
 the actual filename of the file being encrypted.
 Using the empty string for string effectively removes
 the filename from the output.


- --
Best regards

MFPA  <mailto:2017-r3sgs86x8e-lists-gro...@riseup.net>

There is no snooze button for a cat that wants breakfast
-BEGIN PGP SIGNATURE-

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCW9XCWl8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+tAZAP0escSGxvqZhW0nCLFiy+t+rNyS9bjakb1S8L4DsHHamQEAzXx/3zmZ5/Xe
SDGtIcAzI6ky5neNHIfDu+8+TJLhAw2JApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCW9XCWl8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/0AqD/9u6jKM+6sRIsg6yuMdvZcuEzq5
p/VWR+p+ttlcseI2CiE5TIWtORfTS4vxAXHuijv/tL/Ssv8ul2nLVH718VjqsARy
iMyAEr82ta1D3WPH8IljaKlD+qJndTRI73wRF9F+rUVacrsy+2Hu7wJlPZc1tUSs
jRY9Egk8rbELGWa14d0fiqGI4IOcSOaA44+CbZTMGvmfHuxB94m5utFa8tb97IsC
Q2KYpQ4MXP0fcXQxD8zaqDibvmPWU/kGwcZi2MVZpN4NpmYMSVQ9EwJqFoNZzNGN
is3MP+OrxSHypz9xOnRePNuv49DiEky8/jKZBd8bWliTXAeik3s3I1/uFoYkVvKA
yIg3ffb34W6ckfOLnapXRe/EvsulAUhUkSEjS0wDmS0C+zuZ0IR5dxlIc45roZWm
1e0i/Yx4fVnRQnTAGn4/wB8Ornk7w98JiC86qyZw/FiiZKbW4p7fE1mAnwN01GF0
dl4y49o19gdtRCXqkOQ0VGbCKJ+FqES6J92TWMan7MgkLHLbTeVkImVmsfabLvvO
fiAYogyCwxX22l3ISwaycTY5CENehbu5tQlIvzyNsVoaF8kKJNH5wFHfi7h1HDAG
MUlqGGLi2u8z72PtoKjwOjktTvH46QhIIYbPYhaATILb+XuhpvEJL5e2KYCxZVL5
8OYdb2tR9XQIvmzykA==
=lUDX
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: File name seen by gpg

2018-10-28 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Thursday 25 October 2018 at 9:29:35 PM, in
,
Alvaro Martínez wrote:-


> Is there any way to tell GPG which name it should use
> for the input
> file in the encrypted data?

Maybe it's 
https://gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html#index-set_002dfilename

  --set-filename string

 Use string as the filename which is stored inside
 messages. This overrides the default, which is to use
 the actual filename of the file being encrypted.
 Using the empty string for string effectively removes
 the filename from the output.


- --
Best regards

MFPA  

There is no snooze button for a cat that wants breakfast
-BEGIN PGP SIGNATURE-

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCW9XCWl8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+tAZAP0escSGxvqZhW0nCLFiy+t+rNyS9bjakb1S8L4DsHHamQEAzXx/3zmZ5/Xe
SDGtIcAzI6ky5neNHIfDu+8+TJLhAw2JApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCW9XCWl8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/0AqD/9u6jKM+6sRIsg6yuMdvZcuEzq5
p/VWR+p+ttlcseI2CiE5TIWtORfTS4vxAXHuijv/tL/Ssv8ul2nLVH718VjqsARy
iMyAEr82ta1D3WPH8IljaKlD+qJndTRI73wRF9F+rUVacrsy+2Hu7wJlPZc1tUSs
jRY9Egk8rbELGWa14d0fiqGI4IOcSOaA44+CbZTMGvmfHuxB94m5utFa8tb97IsC
Q2KYpQ4MXP0fcXQxD8zaqDibvmPWU/kGwcZi2MVZpN4NpmYMSVQ9EwJqFoNZzNGN
is3MP+OrxSHypz9xOnRePNuv49DiEky8/jKZBd8bWliTXAeik3s3I1/uFoYkVvKA
yIg3ffb34W6ckfOLnapXRe/EvsulAUhUkSEjS0wDmS0C+zuZ0IR5dxlIc45roZWm
1e0i/Yx4fVnRQnTAGn4/wB8Ornk7w98JiC86qyZw/FiiZKbW4p7fE1mAnwN01GF0
dl4y49o19gdtRCXqkOQ0VGbCKJ+FqES6J92TWMan7MgkLHLbTeVkImVmsfabLvvO
fiAYogyCwxX22l3ISwaycTY5CENehbu5tQlIvzyNsVoaF8kKJNH5wFHfi7h1HDAG
MUlqGGLi2u8z72PtoKjwOjktTvH46QhIIYbPYhaATILb+XuhpvEJL5e2KYCxZVL5
8OYdb2tR9XQIvmzykA==
=lUDX
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

File name seen by gpg

2018-10-25 Thread Alvaro Martínez 
Hello,

I just joined the list, hoping to find some guidance regarding my use of
gpg as part of a backup scheme.

Background:
I uploaded files to Amazon S3, after encrypting them locally. I kept a log
containing the hash of the encrypted file, the hash of the plain file, and
the file name. The idea is that I would regularly hash the files on my
computer and check the hashes against the copies in S3. I used symmetric
encryption because I read that public key encryption done by GPG includes
some random content and therefore does not always produce the same output.

Issue:
I didn't know when I encrypted the files that the file name is part of the
encrypted data, and therefore a change in the file name changes the
resulting hash. I have files with accented characters on their names, those
names were encoded in UTF-8 by a Linux system. I am now using a Mac, which
encodes the same characters in a different way ("fully decomposed" vs the
original "precomposed" UTF-8), so the hashes of the encrypted files do not
match.

Question:
I want to use a scheme which allows me to somehow future-proof my backups.
I can still do the checks and backups in a Linux box, but this issue made
me realize subtle system changes can break my backup strategy easily.

I read elsewhere that GPG can be told to not store any name, but if I do
that I'll have to re-upload my files, and although I'm willing to do that
for an improvement in the backup scheme, it would be quite painful on my
512Kbps line.

Is there any way to tell GPG which name it should use for the input file in
the encrypted data? something like the "iconv" option for rsync would be
ideal, but my searches on the web don't return any results.


Thanks for reading :)
Regards
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users