re: How can I add encrypted comments
vedaal at nym.hush.com vedaal at nym.hush.comwrote on Thu Jan 14 19:37:37 CET 2021: >but functionally, yes, it can be done.- my mistake. Can't really be done this way :-((= >[1] Armor the signature file( gpg --armor filename.sig ) -should be enarmor instead of armor :-( this outputs to filename.sig.asc [2[ Armor your encrypted comments, and copy them to the end of thefilename.sig.asc, (leave one blank line between the pgp footer of the signature file,and the pgp header of the encrypted file) [3] Save the whole thing as filename.sig.asc [4] gpg filename.sig,asc will automatically verify the sig if theoriginal signed file 'filename' is present, and also decrypt the addedcomments-It doesn't.It gives weird error messages. sorry ;-( vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On Thu, Jan 14, 2021 at 11:15 PM Ayoub Misherghi via Gnupg-users wrote: > > > On 1/14/2021 10:37 AM, ved...@nym.hush.com wrote: > > On 1/14/2021 at 4:47 AM, "Ayoub Misherghi via Gnupg-users" > wrote: > > > I am encrypting and signing documents with myself as the receiver. Nobody > else will want to look inside them. Is it possible to add encrypted comments > or other information to a separated signature file; and later retrieve this > additional information? I want to be able to decrypt the signature file alone > and retrieve all the information I put inside it. > > > = > > Not exactly, > > but functionally, yes, it can be done. > > > [1] Armor the signature file( gpg --armor filename.sig ) this > outputs to filename.sig.asc > > > [2[ Armor your encrypted comments, and copy them to the end of the > filename.sig.asc, > > (leave one blank line between the pgp footer of the signature file, and the > pgp header of the encrypted file) > > > [3] Save the whole thing as filename.sig.asc > > > [4] gpg filename.sig,asc will automatically verify the sig if the original > signed file 'filename' is present, and also decrypt the added comments > > > vedaal > > = > > I have the concern that if this is not part of GPG, future versions of GPG > may not allow it; leaving me in the lurch. > > > I have these questions: > > [Q1] Does this mean "filename.sig.asc" will still be decrypted if "filename" > is not present? > > [Q2] Is there a reason why the functionality is missing from GPG? > > [Q3] The references I find on the internet are directed at users of GPG and > not > > developers of applications of GPG, can you please direct me to references > that > > show me things like the format of the signature file, armor and not? > > > Thanks, > > Ayoub Sorry for chiming in, the link I gave you is normally meant for implementors of OpenPGP software. In case this is not so easy to understand you may try a visually approach, while creating some standard files/sigs and then examine the armored bytes with this tool: https://github.com/ConradIrwin/gpg-decoder Best regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On 1/14/2021 10:37 AM, ved...@nym.hush.com wrote: On 1/14/2021 at 4:47 AM, "Ayoub Misherghi via Gnupg-users" wrote: I am encrypting and signing documents with myself as the receiver. Nobody else will want to look inside them. Is it possible to add encrypted comments or other information to a separated signature file; and later retrieve this additional information? I want to be able to decrypt the signature file alone and retrieve all the information I put inside it. = Not exactly, but functionally, yes, it can be done. [1] Armor the signature file ( gpg --armor filename.sig ) this outputs to filename.sig.asc [2[ Armor your encrypted comments, and copy them to the end of the filename.sig.asc, (leave one blank line between the pgp footer of the signature file, and the pgp header of the encrypted file) [3] Save the whole thing as filename.sig.asc [4] gpg filename.sig,asc will automatically verify the sig if the original signed file 'filename' is present, and also decrypt the added comments vedaal = I have the concern that if this is not part of GPG, future versions of GPG may not allow it; leaving me in the lurch. I have these questions: [Q1] Does this mean "filename.sig.asc" will still be decrypted if "filename" is not present? [Q2] Is there a reason why the functionality is missing from GPG? [Q3] The references I find on the internet are directed at users of GPG and not developers of applications of GPG, can you please direct me to references that show me things like the format of the signature file, armor and not? Thanks, Ayoub ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
re: How can I add encrypted comments
vedaal at nym.hush.com vedaal at nym.hush.comwrote on Thu Jan 14 19:37:37 CET 2021: >but functionally, yes, it can be done.- my mistake. Can't really be done this way :-((= >[1] Armor the signature file ( gpg --armor filename.sig ) -should be enarmor instead of armor :-( this outputs to filename.sig.asc [2[ Armor your encrypted comments, and copy them to the end of thefilename.sig.asc, (leave one blank line between the pgp footer of the signature file,and the pgp header of the encrypted file) [3] Save the whole thing as filename.sig.asc [4] gpg filename.sig,asc will automatically verify the sig if theoriginal signed file 'filename' is present, and also decrypt the addedcomments-It doesn't.It gives weird error messages.sorry ;-( vedaal___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On 1/14/2021 11:52 AM, Stefan Claas wrote: > On Thu, Jan 14, 2021 at 8:16 PM Stefan Claas > wrote: >> >> On Thu, Jan 14, 2021 at 10:46 AM Ayoub Misherghi via Gnupg-users >> wrote: >>> >>> >>> I am encrypting and signing documents with myself as the receiver. Nobody else will want to look inside them. Is it possible to add encrypted comments or other information to a separated signature file; and later retrieve this additional information? I want to be able to decrypt the signature file alone and retrieve all the information I put inside it. >> >> You can add Comments: to a detached signature, yes, but beware that these >> encrypted content must be seperated for each comment line. >> >> I have not tested this yet, but you could with a shell script use some format >> or lenght preserving encryption software, like Google's Adiantum with a base64 >> encoder and then would have the smallest possible symmetrically encrypted >> output for a message as Comment: line. You can do this also manually >> of course as much as you wish because it does not invalidate the signature. >> >> Hope this helps a bit. > > Here is a quick manually inline sig. > > First message with GnuPG symmetric content in Comment lines > and second same message with Google's Adiantum+base64 > > You see the difference, what I mean with format preserving. > Hello World! :-) Regards Stefan > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hello World! :-) > > Regards > Stefan > -BEGIN PGP SIGNATURE- > Comment: vHgPAUzXglLiVFelwf0jjUzXCNIqSrinvNhjF+JRkd8K > > iHUEARYIAB0WIQR61Pk5PUF7u6Rs+mem3tVibXmEGgUCYACeDgAKCRCm3tVibXmE > Gpk6AP98iXZb8gd0NDvOllByTHkrcQvQluXd/db1c5u+skm90gEAj5c991XdP5s5 > clB9wwK9G8XoCDJnhfMLWljuvjCM8Ac= > =XJXL > -END PGP SIGNATURE- > > Regards > Stefan Yes I see, thanks. You went at length to help me. Can you please point me to a reference that discusses the standard format of the signature file? I might do something silly. Best regards, Ayoub ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On Thu, Jan 14, 2021 at 9:30 PM Ayoub Misherghi wrote: > Yes I see, thanks. You went at length to help me. Can you please point me to > a reference that > > discusses the standard format of the signature file? I might do something > silly. Here is the offical OpenPGP RFC: https://tools.ietf.org/html/rfc4880 And have fun doing something 'silly' ! ;-) Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On 1/14/2021 at 4:47 AM, "Ayoub Misherghi via Gnupg-users" wrote: body p { margin-bottom:0; margin-top:0; } I am encrypting and signing documents with myself as the receiver. Nobody else will want to look inside them. Is it possible to add encrypted comments or other information to a separated signature file; and later retrieve this additional information? I want to be able to decrypt the signature file alone and retrieve all the information I put inside it. = Not exactly, but functionally, yes, it can be done. [1] Armor the signature file( gpg --armor filename.sig ) this outputs to filename.sig.asc [2[ Armor your encrypted comments, and copy them to the end of the filename.sig.asc, (leave one blank line between the pgp footer of the signature file, and the pgp header of the encrypted file) [3] Save the whole thing as filename.sig.asc [4] gpg filename.sig,asc will automatically verify the sig if the original signed file 'filename' is present, and also decrypt the added comments vedaal___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On Thu, Jan 14, 2021 at 8:16 PM Stefan Claas wrote: > > On Thu, Jan 14, 2021 at 10:46 AM Ayoub Misherghi via Gnupg-users > wrote: > > > > > > I am encrypting and signing documents with myself as the receiver. Nobody > > else will want to look inside them. Is it possible to add encrypted > > comments or other information to a separated signature file; and later > > retrieve this additional information? I want to be able to decrypt the > > signature file alone and retrieve all the information I put inside it. > > You can add Comments: to a detached signature, yes, but beware that these > encrypted content must be seperated for each comment line. > > I have not tested this yet, but you could with a shell script use some format > or lenght preserving encryption software, like Google's Adiantum with a base64 > encoder and then would have the smallest possible symmetrically encrypted > output for a message as Comment: line. You can do this also manually > of course as much as you wish because it does not invalidate the signature. > > Hope this helps a bit. Here is a quick manually inline sig. First message with GnuPG symmetric content in Comment lines and second same message with Google's Adiantum+base64 You see the difference, what I mean with format preserving. -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello World! :-) Regards Stefan -BEGIN PGP SIGNATURE- Comment: -BEGIN PGP MESSAGE- Comment: Comment: jA0EBwMCMx3mMIiLwjPH0mgBh3We4k31HkKJ7W8c9oju++X96uaNVB5mMEDJhhr6 Comment: Ao5wibzeivfsfFL9Si2cCc/X9kUG2maKHSwb+51nwtcFSRNT2h99SQlbMPzRkoku Comment: EkyCpYpeq+d8gyMeJ+uNgEvtAwHF35RYVQ== Comment: =Vain Comment: -END PGP MESSAGE- iHUEARYIAB0WIQR61Pk5PUF7u6Rs+mem3tVibXmEGgUCYACeDgAKCRCm3tVibXmE Gpk6AP98iXZb8gd0NDvOllByTHkrcQvQluXd/db1c5u+skm90gEAj5c991XdP5s5 clB9wwK9G8XoCDJnhfMLWljuvjCM8Ac= =XJXL -END PGP SIGNATURE- -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello World! :-) Regards Stefan -BEGIN PGP SIGNATURE- Comment: vHgPAUzXglLiVFelwf0jjUzXCNIqSrinvNhjF+JRkd8K iHUEARYIAB0WIQR61Pk5PUF7u6Rs+mem3tVibXmEGgUCYACeDgAKCRCm3tVibXmE Gpk6AP98iXZb8gd0NDvOllByTHkrcQvQluXd/db1c5u+skm90gEAj5c991XdP5s5 clB9wwK9G8XoCDJnhfMLWljuvjCM8Ac= =XJXL -END PGP SIGNATURE- Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How can I add encrypted comments.
On Thu, Jan 14, 2021 at 10:46 AM Ayoub Misherghi via Gnupg-users wrote: > > > I am encrypting and signing documents with myself as the receiver. Nobody > else will want to look inside them. Is it possible to add encrypted comments > or other information to a separated signature file; and later retrieve this > additional information? I want to be able to decrypt the signature file alone > and retrieve all the information I put inside it. You can add Comments: to a detached signature, yes, but beware that these encrypted content must be seperated for each comment line. I have not tested this yet, but you could with a shell script use some format or lenght preserving encryption software, like Google's Adiantum with a base64 encoder and then would have the smallest possible symmetrically encrypted output for a message as Comment: line. You can do this also manually of course as much as you wish because it does not invalidate the signature. Hope this helps a bit. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
How can I add encrypted comments.
I am encrypting and signing documents with myself as the receiver. Nobody else will want to look inside them. Is it possible to add encrypted comments or other information to a separated signature file; and later retrieve this additional information? I want to be able to decrypt the signature file alone and retrieve all the information I put inside it. Thanks, Ayoub ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users