Any UNIX API for GPG available?

Morten Gulbrandsen classpath at arcor.de
Wed Jun 24 20:33:27 CEST 2009


Brian Mearns wrote:
> On Wed, Jun 24, 2009 at 9:59 AM, Peter Pentchev<roam at ringlet.net> wrote:
>> On Wed, Jun 24, 2009 at 02:21:29AM -0700, littleBrain wrote:
>>> Does anyone have the UNIX API documentation for GPG?
>>>


/***SNIP***/

> response? Not that this won't work, it just seems so inelegant. Does
> anyone know of efforts to write an actual free-software library that
> implements OpenPGP?
> 
> -Brian
> 

Dear Brian

This is the core math of OpenPGP:

bash-3.00$ gpg  --version

Supported algorithms:


Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


===


If used apart from manually invoked messages and files,
and without the use of a proper, manually keyed passphrase,
I don't think it would be very useful. It would be much the same as
saving your passphrase or even typing it into the source code.

But this is known to me.


http://www.gnu.org/software/gnutls/


http://gmplib.org/
# I'm involved here


http://www.opentls.org/



OpenTLS is a project to replace OpenSSL, and is divided in three smaller
packages, NetCrypto, NetPKI and NetTLS.

It's been worked on since the autumn 2003, and at the time of writing,
the last major part of NetCrypto is being worked on. The other two
components are still entirely vaporware, hardly even at the planning
stage. It was known from the beginning that this project would evolve
slowly.

===


For live applications that run distributed, like OpenVPN,
Skype or sip-communicator,
this paper tells some interesting stuff:

http://www.davidpashley.com/articles/cert-authority.html

This is for running applications distributed over the net, e.g. client-server
computing, and what needs a passphrase when logging on to the network.

Human authentication like in OpenPGP is essential.

If a piece of software is to do the authentication,
you may even save the files to hard disk. But I cannot figure any
understandable benefit for that.

Why do you want the software to encrypt unlike PGP,
which encrypts with a human token called the passphrase?


Example

bash-3.00$ touch  somethingIdliketohide.txt
bash-3.00$ gpg  -c  somethingIdliketohide.txt


# I am prompted twice for my passphrase,
# which would be silly to put in any source code.


gpg: WARNING: `somethingIdliketohide.txt' is an empty file
bash-3.00$ ls -l  somethingIdliketohide.txt*
-rw-r--r--   1 morten   other          0 Jun 24 20:27 somethingIdliketohide.txt
-rw-r--r--   1 morten   other         64 Jun 24 20:27 somethingIdliketohide.txt.gpg
bash-3.00$



You may even use gpg -c --cipher-algo AES256 if you prefer.


Morten





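For the unattended case this message discusses, the sketch below runs the same `gpg -c --cipher-algo AES256` operation from a script while keeping the passphrase out of both the source and the process arguments by handing it to gpg on a file descriptor. It is an added example, not part of the original post; the function names are hypothetical, and it assumes the caller supplies a passphrase file that only the owner can read.

```sh
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# True only for a regular file that grants nothing to group or other (0600/0400).
passfile_is_private() {
    case "$(ls -ld -- "$1" 2>/dev/null)" in
        -???------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run gpg with no terminal, taking the passphrase from file descriptor 3.
# GnuPG 2.1+ also needs loopback pinentry for --passphrase-fd; 1.4 does not
# know that option, so probe the option list first.
gpg_fd3() {
    set -- --batch --yes --no-tty --passphrase-fd 3 "$@"
    if gpg --dump-options 2>/dev/null | grep -q -e '^--pinentry-mode$'; then
        set -- --pinentry-mode loopback "$@"
    fi
    gpg "$@"
}

# encrypt_file PASSFILE INPUT OUTPUT: the unattended form of
# `gpg -c --cipher-algo AES256 INPUT`.
encrypt_file() {
    passfile_is_private "$1" || { echo "refusing: $1 is not private" >&2; return 2; }
    gpg_fd3 --symmetric --cipher-algo AES256 --output "$3" "$2" 3<"$1"
}

# decrypt_file PASSFILE INPUT OUTPUT
decrypt_file() {
    passfile_is_private "$1" || { echo "refusing: $1 is not private" >&2; return 2; }
    gpg_fd3 --decrypt --output "$3" "$2" 3<"$1"
}
```

Only the first line of the passphrase file is used, and descriptor 3 can equally be fed from a pipe so that the passphrase never touches disk.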


