Any UNIX API for GPG available?
Morten Gulbrandsen
classpath at arcor.de
Wed Jun 24 20:33:27 CEST 2009
Brian Mearns wrote:
> On Wed, Jun 24, 2009 at 9:59 AM, Peter Pentchev<roam at ringlet.net> wrote:
>> On Wed, Jun 24, 2009 at 02:21:29AM -0700, littleBrain wrote:
>>> Does anyone have the UNIX API documentation for GPG?
>>>
/***SNIP***/
> response? Not that this won't work, it just seems so inelegant. Does
> anyone know of efforts to write an actual free-software library that
> implements OpenPGP?
>
> -Brian
>
Dear Brian,
This is the core math of OpenPGP:
bash-3.00$ gpg --version
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
===
If used apart from manually invoked messages and files,
and without the use of a proper passphrase, manually keyed,
I don't think it would be very useful. It would be much the same as
saving your passphrase or even typing it in the source code.
But this is known to me.
http://www.gnu.org/software/gnutls/
http://gmplib.org/
# I'm involved here
http://www.opentls.org/
OpenTLS is a project to replace OpenSSL, and is divided in three smaller
packages, NetCrypto, NetPKI and NetTLS.
It's been worked on since the autumn 2003, and at the time of writing,
the last major part of NetCrypto is being worked on. The other two
components are still entirely vaporware, hardly even at the planning
stage. It was known from the beginning that this project would evolve
slowly.
===
For live applications which run distributed, like OpenVPN or
Skype or sip-communicator,
this paper tells some interesting stuff:
http://www.davidpashley.com/articles/cert-authority.html
This is for running applications distributed over the net, e.g. client
server computing, and what needs a passphrase when logging on to the network.
Human authentication like in OpenPGP is essential.
If a piece of software is to do the authentication,
you may even save the files to hard disk. But I cannot figure any
understandable benefit for that.
Why do you want the software to encrypt unlike PGP,
which encrypts with a human token called the passphrase?
Example
bash-3.00$ touch somethingIdliketohide.txt
bash-3.00$ gpg -c somethingIdliketohide.txt
# I am prompted twice for my passphrase,
# which would be silly to put in any source code.
gpg: WARNING: `somethingIdliketohide.txt' is an empty file
bash-3.00$ ls -l somethingIdliketohide.txt*
-rw-r--r-- 1 morten other  0 Jun 24 20:27 somethingIdliketohide.txt
-rw-r--r-- 1 morten other 64 Jun 24 20:27 somethingIdliketohide.txt.gpg
bash-3.00$
You may even use gpg -c --cipher-algo AES256 if you prefer.
Morten
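The `gpg -c` call shown in the message above, driven from a script with the passphrase handed over at run time on stdin instead of being written into the source or the command line. This is an added example, not part of the original post or of GnuPG; the function names and the demo passphrase are constructed for illustration, and it assumes bash with gpg on the PATH.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): drive `gpg -c` from a script
# while keeping the passphrase out of the source code and out of argv.

# Per gpg's documentation, 2.1+ only honours --passphrase-fd when
# --pinentry-mode loopback is also set; gpg 1.4 (the version in the post)
# does not know that option, so probe for it.
gpg_fd_opts() {
    if gpg --dump-options 2>/dev/null | grep -q -- '--pinentry-mode'; then
        echo "--pinentry-mode loopback"
    fi
}

# sym_encrypt IN OUT: the passphrase is read from stdin (fd 0).
sym_encrypt() {
    # $(gpg_fd_opts) is unquoted on purpose so it splits into two words.
    gpg --batch --yes --quiet $(gpg_fd_opts) --passphrase-fd 0 \
        --cipher-algo AES256 --output "$2" --symmetric "$1"
}

# sym_decrypt IN OUT: same channel for the passphrase.
sym_decrypt() {
    gpg --batch --yes --quiet $(gpg_fd_opts) --passphrase-fd 0 \
        --output "$2" --decrypt "$1"
}

# Round trip on constructed data; returns 0 only if the right passphrase
# decrypts and a wrong one is rejected. Runs in a subshell with a scratch
# GNUPGHOME so the caller's keyring and environment are untouched.
roundtrip_demo() (
    tmp=$(mktemp -d) || exit 1
    trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$tmp"' EXIT
    export GNUPGHOME="$tmp/home"; mkdir -m 700 "$GNUPGHOME"
    pass='constructed demo passphrase'  # stands in for a value typed at run time
    printf 'something I would like to hide\n' > "$tmp/plain.txt"
    # printf is a shell builtin, so the passphrase never shows up in `ps`.
    printf '%s\n' "$pass" | sym_encrypt "$tmp/plain.txt" "$tmp/plain.txt.gpg" || exit 1
    printf '%s\n' "$pass" | sym_decrypt "$tmp/plain.txt.gpg" "$tmp/out.txt" || exit 1
    cmp -s "$tmp/plain.txt" "$tmp/out.txt" || exit 1
    ! printf 'wrong\n' | sym_decrypt "$tmp/plain.txt.gpg" "$tmp/bad.txt" 2>/dev/null
)

if command -v gpg >/dev/null 2>&1; then
    roundtrip_demo && echo "round trip ok"
fi
```

In interactive use the passphrase would come from something like `read -rs pass` rather than a literal, so it still exists only in the operator's head and the process memory.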