On 8/3/24 01:24, mr_shortchange wrote:
It's very kind of you. I try to answer your questions down below.
Please help me. Thank you.
To: Stuart Longland
From: mr_shortchange
You forgot to include the list.
To or CC should include: gnupg-users@gnupg.org
Using "Reply All" should fix that.
On 7/3/24 03:31, mr_shortchange via Gnupg-users wrote:
Dear Fellows!
Importing my private key is flawless but signing is faulty. May I ask for your
help?
Okay, a big tip… don't ask to ask, just ask.
All we know is you have a problem with generating signatures, and
apparently your key is
Dear Fellows!
Importing my private key is flawless but signing is faulty. May I ask for your
help?
Sent with [Proton Mail](https://proton.me/) secure email.___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Werner Koch:
On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said:
However, what works for me is this:
gpg --output ./out --verify ./sha512sums.asc
We are both wrong. --verify does only a verify and nothing else.
Running without --verify writes the actual signed data to the
Patrick Schleizer:
Werner Koch:
On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said:
However, what works for me is this:
gpg --output ./out --verify ./sha512sums.asc
We are both wrong. --verify does only a verify and nothing else.
Running without --verify writes the actual
On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said:
However, what works for me is this:
gpg --output ./out --verify ./sha512sums.asc
We are both wrong. --verify does only a verify and nothing else.
Running without --verify writes the actual signed data to the file.
When it
On 1/12/2015 at 1:50 PM, Patrick Schleizer patrick-mailingli...@whonix.org
wrote:
gpg --verify --output OUT SIGNEDDATA
-
gpg --output ./out --verify ./sha512sums.asc
When it exits 0, then this approach is sound, sane and fine?
-
There is a way of addition to clearsigned messages
Werner Koch:
On Mon, 12 Jan 2015 03:19, patrick-mailingli...@whonix.org said:
Suppose a file has been `--clearsign`ed. Then an adversary pretended or
appended extraneous content.
That is what the signature is all about ;-). Use
gpg --verify --output OUT SIGNEDDATA
to write
On Sun, 31 Aug 2014 18:03, gn...@iam.tj said:
to see how to do is set the keyring file to use. There doesn't appear to be
any function that provides for setting an existing key ring; the best I could
find is gpgme_op_import_keys() which talks about:
The keyring is an internal propery of GnuPG
On 31/08/14 01:47, Ingo Klöcker wrote:
On Saturday 30 August 2014 23:11:17 TJ wrote:
On 30/08/14 22:20, Ingo Klöcker wrote:
I strongly suggest that you have a look at using some Python binding for
gpgme instead of messing around with gpg. gpgme is _the_ library for
using GnuPG in other
I've finally pinned down the issue. The manipulation of the plaintext by
clearsign results in the message digest
being calculated on different plaintext, as per RFC4880 7.1 Dash-Escaped Text:
As with binary signatures on text documents, a cleartext signature is
calculated on the text using
On Thursday 28 August 2014 22:53:52 TJ wrote:
I've recently been digging deep into the source-code trying to
understand what the differences are between --clearsign and
--detach-sign signatures.
This came about whilst writing code that calls on gpg --verify on
detached signatures
On 30/08/14 22:20, Ingo Klöcker wrote:
On Thursday 28 August 2014 22:53:52 TJ wrote:
The aim/hope was to combine the plaintext and detached signature into
the armored clearsign format and thus avoid needing to write one of
them to the file-system (the other can be supplied via stdin).
You can
On Saturday 30 August 2014 23:11:17 TJ wrote:
On 30/08/14 22:20, Ingo Klöcker wrote:
BTW, which language do you want to write the code in?
Well, I'm working in C to add another option to gpg, but the code that
needs this is a Python library (that imports python-gnupg) that
enables the
On Thursday 28 August 2014 22:53:52 TJ wrote:
I've recently been digging deep into the source-code trying to
understand what the differences are between --clearsign and
--detach-sign signatures.
The RFC is probably much easier to read than the source code:
http://tools.ietf.org/html/rfc4880
On 29/08/14 19:03, Ingo Klöcker wrote:
On Thursday 28 August 2014 22:53:52 TJ wrote:
I've recently been digging deep into the source-code trying to
understand what the differences are between --clearsign and
--detach-sign signatures.
The RFC is probably much easier to read than the source
I've recently been digging deep into the source-code trying to understand what
the differences are between
--clearsign and --detach-sign signatures.
This came about whilst writing code that calls on gpg --verify on detached
signatures; specifically Debian APT
archives that contain Release
Hi,
one can sign the message with --clearsign option which adds ASCII
armored(Radix-64 encoding) PGP signature at the end of the text.
This PGP signature contains the UID of the signer, timestamp and key
ID. However, two questions:
1) Where is the UID of the signer, timestamp of the signature
On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote:
Hi,
one can sign the message with --clearsign option which adds ASCII
armored(Radix-64 encoding) PGP signature at the end of the text.
This PGP signature contains the UID of the signer, timestamp and key
ID. However, two questions
On 08/12/2013 08:40 AM, Martin T wrote:
Hi,
one can sign the message with --clearsign option which adds ASCII
armored(Radix-64 encoding) PGP signature at the end of the text.
This PGP signature contains the UID of the signer, timestamp and key
ID. However, two questions:
GnuPG does much
On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote:
Hi,
one can sign the message with --clearsign option which adds ASCII
armored(Radix-64 encoding) PGP signature at the end of the text.
This PGP signature contains the UID of the signer, timestamp and key
ID. However, two questions
On Aug 12, 2013, at 4:40 AM, Martin T m4rtn...@gmail.com wrote:
Hi,
one can sign the message with --clearsign option which adds ASCII
armored(Radix-64 encoding) PGP signature at the end of the text.
This PGP signature contains the UID of the signer, timestamp and key
ID. However, two
a more useful way is to have independent signatures:
gpg --clearsign -u key1 -u key2 -u key3 file.txt
The problem is how to do this given that the 3 keys are hold by
different users. The OpenPGP protocol allows for this but GPG has no
provisions to create such a signature.
Is it possible
Hi,
can a plain text document be clear signed by multiple keys at the same
time? (Hold by different people.)
One can create a plain text file a, clear sign it and get a.asc. Another
one can clear sign a.asc and get a.asc.asc.
One who wants to verify it, can first verify the signature of the
Is it true to say, as it appears to me, that I cannot select a file in GPA's
File Manager and then use a tool or menu option in order to clearsign the
file? Rather, I have to have opened the file first and copied its contents
to the Clipboard first, and only then can I clearsign it in GPA after
Hi Folks,
I'm new to this site and I have a prob with the gpg --clearsign option.
My mails to RIPE NCC are signed with my PGP-Key.
This worked well for the last 6 years. Now I have the prob, that the
signature is called bad from the RIPE mailer
I' using:
gpg (GnuPG) 1.4.11 on ubuuntu
the email
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi David,
[2010-12-11 o...@mozilla-enigmail.org]
OpenPGP SmartCard v2 key 0x6AE1EF56 (RSA 3072) Card 0005 0222
Why can't I use SHA256/SHA512 with this card?
| enable-dsa2
is set and showpref lists
[2010-12-20 ds...@jabberwocky.com]
The
On Sun, 9 Jan 2011 16:58, o...@enigmail.net said:
since I'm not the only one that cannot use SHA256/SHA512 with the v2
card, may I ask you to test signing with an OpenPGP card v2 using hash
I just checked the sources: It seems you are using 2.0.16 from gpg4win.
This version does not support
On Dec 19, 2010, at 6:16 PM, David Shaw wrote:
On Dec 17, 2010, at 11:22 AM, Chris Ruff wrote:
On Sat, 2010-12-11 at 14:57 +0100, Olav Seyfarth wrote:
My key: OpenPGP SmartCard v2 key 0x6AE1EF56 (3072 Bit RSA) Card
0005 0222
Why can't I use SHA256/SHA512 with this card?
|
On Dec 17, 2010, at 11:22 AM, Chris Ruff wrote:
On Sat, 2010-12-11 at 14:57 +0100, Olav Seyfarth wrote:
My key: OpenPGP SmartCard v2 key 0x6AE1EF56 (3072 Bit RSA) Card 0005 0222
Why can't I use SHA256/SHA512 with this card?
| enable-dsa2
is set and showpref lists
The documentation
On Sat, 2010-12-11 at 14:57 +0100, Olav Seyfarth wrote:
My key: OpenPGP SmartCard v2 key 0x6AE1EF56 (3072 Bit RSA) Card 0005 0222
Why can't I use SHA256/SHA512 with this card?
| enable-dsa2
is set and showpref lists
The documentation for OpenPGP v2 smartcard states that only RIPEMD-160
Hi list,
since a couple of days I encounter gpg errors that I do not know how to solve.
echo test _
gpg --clearsign _
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
test
gpg: checking created signature failed: Bad signature
gpg: signing failed: Bad signature
gpg: [stdin]: clearsign failed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello. I'm trying to make any message I clearsign
have a hash of SHA256.
Here is what I've done so far:
I've added personal-digest-preferences SHA256 to the end of my gpg.conf file.
According
to the manpage, this should be enough; since the manpage
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Tyler Spivey wrote:
Hello. I'm trying to make any message I clearsign
have a hash of SHA256.
Here is what I've done so far:
I've added personal-digest-preferences SHA256 to the end of my gpg.conf
file. According
to the manpage, this should
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Tyler Spivey wrote:
and I can force it with --digest-algo sha256.
Add just digest-algo SHA256 (without the parentheses) to your gpg.conf
file.
Regards,
Bob
___
Gnupg-users mailing list
On May 10, 2009, at 8:52 AM, Tyler Spivey wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello. I'm trying to make any message I clearsign
have a hash of SHA256.
If the key you are trying to make a SHA256 signature with is the same
one that you signed this message with, then you
On May 10, 2009, at 10:58 AM, Bob Henson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Tyler Spivey wrote:
and I can force it with --digest-algo sha256.
Add just digest-algo SHA256 (without the parentheses) to your
gpg.conf
file.
Please do not do this. There is an entire
On Sunday 10 May 2009 14:52:21 Tyler Spivey wrote:
Hello. I'm trying to make any message I clearsign
have a hash of SHA256.
Here is what I've done so far:
I've added personal-digest-preferences SHA256 to the end of my gpg.conf
file. According to the manpage, this should be enough; since
Bob Henson wrote:
Add just digest-algo SHA256 (without the parentheses) to your gpg.conf
file.
Please don't. This is usually the wrong solution.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Gordon McNevin [EMAIL PROTECTED] writes:
$cmd = echo $passphrase | $gpg --passphrase-fd 0 --no-tty -u
$cmd = (echo $passphrase; echo $variable) \
| $gpg --passphrase-fd 0 --clearsign -
The trick here is that the passphrase is only read up to and including
the first linefeed
-sigs --no-secmem-warning --clearsign $emailbody . .
/tmp/error ;
$encrypted_message = shell_exec($cmd);
But it's simply not working.
Does anyone know how I can clearsign a variable without all this file
interaction please?
Many thanks,
Gordon
-sigs --no-secmem-warning --clearsign $emailbody . .
/tmp/error ;
$encrypted_message = shell_exec($cmd);
But it's simply not working.
Does anyone know how I can clearsign a variable without all this file
interaction please?
Many thanks,
Gordon
Hi
The following command sequence seems to destroy the pdf file:
gpg --clearsign -o signed.pdf original.pdf
gpg --decrypt -o destroyed.pdf signed.pdf
The new file is slightly smaller than the original one, the difference
seems to be some differences in linefeed/newline characters.
Adding
On Thu, 14 Jul 2005 12:48:58 +0200, Tobias Roth said:
gpg --clearsign -o signed.pdf original.pdf
You can't clearsign binary data.
Shalom-Salam,
Werner
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
gpg --clearsign -o signed.pdf original.pdf
gpg --decrypt -o destroyed.pdf signed.pdf
You can't clearsign a binary directly, but you can clearsign a list
of binary checksums, if you don't want to create a whole bunch of
external files. I typically
On Sun, 05 Jun 2005 11:36:32 +0200, Martin Geisler said:
I don't know how Outlook (not Express) handles things.
It won't be possible to verify a signature with Outlook due to the
fact that it is not possible to get to the raw MIME headers. It might
be possible to write a plugin which uses
On Sun, 5 Jun 2005 13:45:30 +0200, Kiefer, Sascha said:
Well, as far as i see there is no difference between the MIME format of
rfc2015 and rfc3156.
Correct, 3156 has only minor clarifications.
So, what is right?
RFC like:
Content-Type: multipart/signed; micalg=pgp-md5
Werner Koch schrieb:
The first of course.
Shalom-Salam,
Werner
Okay, perfekt.
The PGP/MIME RFC states that you can first sign and then encrypt the mail.
In S/MIME it is allowed to first encrypt and then sign the message.
Do you think it's feasible to do the same in PGP/MIME? I think it
On Mon, 06 Jun 2005 16:16:54 +0200, Sascha Kiefer said:
The PGP/MIME RFC states that you can first sign and then encrypt the mail.
Doing this on the MIME level allows you to easily strip the encryption
layer while leaving the signature intact.
In S/MIME it is allowed to first encrypt and then
Dan Mundy [EMAIL PROTECTED] writes:
David Shaw wrote:
[... all nice features of PGP/MIME...] Plus, plus, plus.
No minuses, though, i hope?
The only thing I've come across is people using Outlook Express: they
will see an empty mail with two attachments: your message as one
attachment and the
Clearsigning is good because it allows anyone to verify the signature no
matter what their system. Some people like to use the current window
function of PGP and front-ends for GPG such as GPGshell. PGP/Mime is
good for sending mail to many people some of whom have no idea of what
PGP/GPG is.
; gnupg-users@gnupg.org
Subject: Re: GnuPG Clearsign vs. PGP/MIME Signing
Clearsigning is good because it allows anyone to verify the
signature no matter what their system. Some people like to
use the current window function of PGP and front-ends for GPG
such as GPGshell. PGP/Mime is good
On 9130 day of my life Dan Mundy wrote:
hey all,
i was wondering what the differences between conventional gpg
clearsigning and pgp/mime signing are. which one's better for what?
which should i use more often? please help me!
Clearsigning can be processed by recipient even if his mail
Kiefer, Sascha wrote:
Hmm.
I just implemented RFC2015 3 days ago.
The format of PGP/MIME described in that paper does not match the format
you are using.
Your mails start with a Content-Type of multipart/mixed and you declare
The pgp data as attachments. But this is not true.
Maybe I'm missing
On Sat, Jun 04, 2005 at 10:42:51AM +0200, Kiefer, Sascha wrote:
Hmm.
I just implemented RFC2015 3 days ago.
The format of PGP/MIME described in that paper does not match the format
you are using.
Your mails start with a Content-Type of multipart/mixed and you declare
The pgp data as
On Fri, Jun 03, 2005 at 08:30:53PM -0400, Dan Mundy wrote:
hey all,
i was wondering what the differences between conventional gpg
clearsigning and pgp/mime signing are. which one's better for what?
which should i use more often? please help me!
When at all possible, use PGP/MIME. It's
hey all,
i was wondering what the differences between conventional gpg
clearsigning and pgp/mime signing are. which one's better for what?
which should i use more often? please help me!
thanks all,
Dan
signature.asc
Description: OpenPGP digital signature
---BeginMessage---
I'm wondering which kind of signing you did on this mail?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Mundy
Sent: Samstag, 4. Juni 2005 02:31
To: gnupg-users@gnupg.org
Subject: GnuPG Clearsign vs. PGP/MIME Signing
58 matches
Mail list logo