api for gpg?
wk at isil.d.shuttle.de
Fri Apr 17 12:18:41 CEST 1998
Sen Nagata <sen_ml at eccosys.com> writes:
> can gpg be used in library form? if so, i take it there isn't
> much documentation (bseides the source) :-)
I don't like the idea of putting everything into a library.
GNUPG is a Unix program and the philosophy behind Unix is
KISS (Keep it Small and Simple); Probably we will have a GNU
Cryptography Library sometime but this will not be a complete
> i am also curious whether there is some mode of operation to
> support decryption followed by encryption in a single process
Of cource I could do so, but it is more easier (and not so error prone)
to make a shell script (or a simple C program) which calls multiple
instances of GNUPG and connects them in a pipeline. Pipelines are
the reason which makes the power of a Unix OS - there is only a small
(if at all) performace penalty.
> then re-encrypt the result using multiple keys w/o having to pipe from
By the way, it is possible to encrypt a message for more than one
recipient - not very much tested, but it should work.
If you really need a very high performance utility, some stuff can be
done to make the initial start up of the program faster. An option you
may like could be a mode which encrypts a message with the key for
every specified user and outputs a complete messages for every user,
where the message is encrypted with the same session key:
| perform symmetric encryption with a session key
| encrypt session key | |
| for user A and build |
| a mail for him. |
| send via sendmail to A | send via sendmail to A
This scheme has the advantage, that you only need one session-key
and symmetric encryption - which is perfectly okay, because the
message is the same for every recipient.
Anyway, I don't think that this is really needed: messages in
a ML are quite short and the symmetric encryption is in that case
much faster than the public-key encrytion for a user.
More information about the Gnupg-devel