Re: Simple program to get sha256 hash

On Fri, Mar 17, 2017 at 11:15 PM, Ralph Corderoy wrote: > Hi Paolo, > >> $ gcc -o ssha ./hash.cpp -lgcrypt >> $ ./ssha blablabla >> a6898dd93b4c6a87e978aea8547fdc3901b7b94d96636e03d5a6194f4491c571 > > You're feeding it nine bytes here. > >> $ sha256sum <<< 'blablabla' >>

Simple program to get sha256 hash

Dear list, Today I wanted to play a bit with libgcrypt and I wanted to make a small program to return the sha256 hash of a string passed as argument. The program compiles, links, and gives an output. However, the output is different than what I get using sha256sum from coreutils! Here is what I

Re: Please unsubscribe me form your mailing list. Thank you.

(1) and (2) Did you read the word "alas"? Of course it's not possible. Secondly the fact business policy mandates something does not make it a good idea, in this case it does not at all. (3) Study the meaning of the word "Encoding." Plain-text has nothing to do with what characters you can

Re: Attacks on encrypted communicxatiopn rising in Europe

On Wed, Aug 24, 2016 at 4:37 PM, Robert J. Hansen wrote: > But so too are the privacy absolutists who believe that law-enforcement > is doing something morally wrong when they try to break Tor's anonymity > in the pursuit of awful people. I think you can say this sentence

Re: Please unsubscribe me form your mailing list. Thank you.

The world would be a much better place if we could ban signatures and non pure-text emails. Alas... ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Top-posting

> Speaking more technically, the problem is that 'modern' MUA, like > OutLook crap, thunderbird or other browser-like MUA do not invite to > post and quote correctly. They put the cursor above the first line > (sometimes you can not even configure this, and also not the correct > citation with '>

Re: Top-posting

I think this text (or variants) are old as email itself and actually, while funny, makes little sense. When you follow an email thread you do not read everything, you just read the new email and it makes little difference if it is in the top. Besides most email clients actually put an indentation

Re: making a Debian Live CD for managing GnuPG master key and smartcards

Since the thread is already quite lost I chip in with a question. What is the matter with top posting? Is my client that is weird showing the text from the beginnig, where what I want to read is? Top posting sounds even more ad-hoc that bottom posting where you have to scroll down to find what you

Re: making a Debian Live CD for managing GnuPG master key and smartcards

I am kinda lost, what is the topic again? On Tue, Apr 26, 2016 at 5:31 PM, Daniel Pocock wrote: > > > On 26/04/16 17:29, Dashamir Hoxha wrote: >> On Tue, Apr 26, 2016 at 4:57 PM, Daniel Pocock > > wrote: >> >> >> >> On 26/04/16

Is there a foolproof tutorial to start with gpgme?

Dear list, gpgme is very interesting, but it appears quite daunting to start from the documentation alone. There is some ready to comple example somewhere with easy tasks like signature checking or compiling? Cheers, Paolo ___ Gnupg-users mailing list

Re: Paper backup

On Mon, Apr 25, 2016 at 4:38 PM, Dashamir Hoxha wrote: > On Mon, Apr 25, 2016 at 4:01 PM, Robert J. Hansen > wrote: > But once you have to split the data and QR-encode it, it doesn't make much > difference whether you have 2 pages of output or 8 pages.

Re: Paper backup

I did something similar for the revocation certificate. I used LaTeX preparing this template for the students: http://www.inf.unibz.it/dis/teaching/INFSEC/ex/revocation.tar.xz I think paper backup are a good idea. For example, I keep mine with my passport, if my passport (and so revocation

Re: Help needed

You are strongly advised to read the gpg frequently asked questions, here is the link: https://www.gnupg.org/faq/gnupg-faq.html Here a particularly relevant question: https://www.gnupg.org/faq/gnupg-faq.html#please_use_ecc On Sun, Apr 24, 2016 at 7:16 PM, Dashamir Hoxha

Re: Translate to dutch

> GnuPG is also aimed at people comfortable with working at the command line. > So I would say that the potential audience of EasyGPG is greater than that > of plain GPG. Wait? What? I am missing one important detail, a part of slightly obnoxious advertisement in this mailing list, how do you plan

Re: What am I missing?

Actually I thought there is a TPM that is needed to "talk" with the storage. If one fails to input the password enough times, the TPM destroys the key. You can say that it is false that the storage get destroyed but, since it AES encrypted, after destroying the key it is pretty much the same. If

How do you think the FBI managed to get the clear text of the infamous phone?

Dear list, I am aware it is out topic, but still I assume as we are security oriented people (otherwise why being part of this email list?) I think it is interesting food for thought. As far as I understood the situation is: The iPhone uses AES (256?) to encrypt the storage. The phone owner,

Re: Force textual pinpad

Yes, the pair $ gpg-connect-agent killagent /bye $ gpg-connect-agent /bye works fine too and it is probably prettier than CTRL-C the agent. However, I think restarting the agent manually is very useful even without SSH. The reason is possible errors in the configuration, if the command fail you

Re: Force textual pinpad

es rather > than pinentry-tty :) > > On 24/03/16 12:28, Paolo Bolzoni wrote: >> I don't have a $GNUPGHOME/gpg-agent.conf file, I can simply create it >> or I have to assume something is terribly wrong in my system? > > There isn't one by default ($GNUPGHOME defaults to ~/.

Re: Force textual pinpad

I don't have a $GNUPGHOME/gpg-agent.conf file, I can simply create it or I have to assume something is terribly wrong in my system? On Thu, Mar 24, 2016 at 12:26 PM, Damien Goutte-Gattat <dgouttegat...@incenp.org> wrote: > On 03/24/2016 12:01 PM, Paolo Bolzoni wrote: >> >>

Re: Force textual pinpad

To unset DISPLAY env var works really well, but I'd prefere something I can setup in the gpg options. On Thu, Mar 24, 2016 at 11:55 AM, flapflap wrote: > Dashamir Hoxha: >> If it doesn't work, try also `--passphrase-fd=0 <<< "your-passphrase" ` > > sounds like a bad idea to

Force textual pinpad

Dear list, It is possible to simply use the terminal to input my password when using gpg from the command line? I often use the computer with two screens, one that the students see and the one in front of me. So, it's kinda a problem when the pinpad appears in the "wrong" screen as it seems to

Re: Verification via the web of trust

Sigh.. it seems I am not yet part of the strong set. Thanks anyhow! On Wed, Mar 23, 2016 at 5:54 PM, Andrew Gallagher <andr...@andrewg.com> wrote: > On 23/03/16 16:49, Paolo Bolzoni wrote: >> There is a way to know how many "hops" are a key from anything I trust >

Re: Verification via the web of trust

There is a way to know how many "hops" are a key from anything I trust and see the path? On Tue, Mar 22, 2016 at 7:43 PM, Andrew Gallagher wrote: > On 22/03/16 18:30, Peter Lebbing wrote: >> On 22/03/16 19:14, Andrew Gallagher wrote: >>> All this is true. But this does not

Re: A better interface to the GnuPG-Framework (Re: EasyGnuPG)

I guess we should start from the desired use case. We want a GUI for what? Encrypting? Signing? Managing the web of trust? SSH login? Everything? On Tue, Mar 22, 2016 at 3:45 PM, Bernhard Reiter wrote: > On Tuesday 22 March 2016 at 15:14:41, Ben McGinnes wrote: >> You

Re: EasyGnuPG

My real question is: what do you think in gpg is not easy enough? On Tue, Mar 22, 2016 at 11:53 AM, Dashamir Hoxha <dashoho...@gmail.com> wrote: > On Tue, Mar 22, 2016 at 11:40 AM, Paolo Bolzoni > <paolo.bolzoni.br...@gmail.com> wrote: >> >> And besides, it's

Re: EasyGnuPG

I totally agree, Dashamir I really think you should focus on what you think is hard in gnupg? And why? Are you sure a new program (and not a simple patch) is the best answer? At the moment you are showing us strange defaults, an implementation that can break at any time, and I am not really sure

Re: EasyGnuPG

And besides, it's much easier to build a GUI app in front of a C API than a command line application. On Tue, Mar 22, 2016 at 11:35 AM, Robert J. Hansen wrote: >> And then, it is not difficult to build a GUI app on top of a >> command-line tool that works properly. I cannot

Should always add myself as recipient when ecrypting?

Dear list, The subject pretty much says it all already, I am using GnuPG 2.1.11 (with libgcrypt 1.6.5) and I was wondering if I should always add myself as recipient when encrypting a file, of course, in addition of the real recipient. Is there a reason not to? Cheers, Paolo