File gpg-2comp.diff of Package gpgaddon
diff -uNr gpg-2comp/README gpg-2comp.SuSE/README
--- gpg-2comp/README Wed May 24 22:59:52 2000
+++ gpg-2comp.SuSE/README Wed May 24 13:31:32 2000
@@ -12,7 +12,7 @@
This directory contains the following files:
- README - this file
+ README.gpg-2comp - this file
gpg-2comp - a perl wrapper program for the mutt mail user agent
gpg-2comp-steps - a tutorial to encrypt and sign for PGP 2.6.x
diff -uNr gpg-2comp/README.SuSE gpg-2comp.SuSE/README.SuSE
--- gpg-2comp/README.SuSE Thu Jan 1 01:00:00 1970
+++ gpg-2comp.SuSE/README.SuSE Tue Oct 24 10:57:03 2000
@@ -0,0 +1,109 @@
+GPG-Addon Docu
+==============
+
+the gpgpaddon package contains
+(1) additional GnuPG modules which were left out from the standard
+ GnuPG package for certain reasons
+(2) gpg-2comp wrapper to enable using GnuPG for creating and checking PGP2
+ compatible messages
+
+(1) Modules
+-----------
+
+Modules for GnuPG with licensing or security issues.
+Useful for interaction with PGP2, see end of file.
+Please read the following notes carefully!
+
+IDEA:
+ Patented by Ascom Systec Ltd. of CH-5506 Maegenwil. Only freely usable
+ for certain non-profit purpose:
+ This software product contains the IDEA algorithm as described and claimed in
+ US patent 5,214,703, EPO patent 0482154 (covering Austria, France, Germany,
+ Italy, the Netherlands, Spain, Sweden, Switzerland, and the UK), and Japanese
+ patent application 508119/1991, "Device for the conversion of a digital block
+ and use of same" (hereinafter referred to as "the algorithm"). Any use of
+ the algorithm for commercial purposes is thus subject to a license from Ascom
+ Systec Ltd. of CH-5506 Maegenwil (Switzerland), being the patentee and sole
+ owner of all rights, including the trademark IDEA.
+
+RIJNDAEL:
+ The winner of the NIST competition for a new free standard crypto algorithm
+ (as successor of DES).
+ Rijndael has been integrated into GnuPG-1.0.4 and is therefore not built
+ into this package any more.
+
+RSA:
+ ATTENTION: This code should not have been exported _to_ the United
+ States without a license agreement with PKP prior to Sept. 20, 2000, as it
+ was encumbered by U.S. patent #4,405,829.
+ The RSA support now went into GnuPG-1.0.3 and is therefore not in this
+ package any more.
+
+RSAREF:
+ This module is Copyright (c) 1999 Jason Gunthorpe <jgg@non-us.debian.org>
+ and is placed into the public domain, do with it what you will. It
+ comes with no warrenty express or implied.
+ RSAREF is limited in key size and in the coding of the encrypted data.
+ This module isn't terribly great as RSAREF has no concept of secure
+ memory so the secret key and the symmetric cipher are written to
+ insecure memory in several places in this code and within the RSAREF
+ lib.
+ NOT CURRENTLY BUILT.
+
+SKIPJACK:
+ GPL - but not recommended for use, as it's unclear whether it's safe.
+
+3DES:
+ An alternative 3DES implementation
+ Requires the openssl or Eric Young's ssleay library.
+ NOT CURRENTLY BUILT.
+
+
+Authors:
+ Werner Koch <werner.koch@guug.de>
+ and others
+
+
+(2) PGP2 interaction
+--------------------
+If you are allowed to use IDEA, then there's good news for you:
+With these modules, there's a painless migration path from PGP2 to GPG for
+you. (PGP5 does not show any problems in this respect.)
+I created a wrapper named gpg-compat and placed it into /usr/bin:
+#!/bin/sh
+exec gpg --load-extension idea --allow-non-selfsigned-uid $*
+
+However, this simple wrapper only allows to decrypt, check signatures and
+encrypt for PGP2. It does not allow automatic encryption for PGP2 nor both
+PGP2 encryption and signing. For this the gpg-2comp perl script from Gero
+Treuner has been put into /usr/bin/gpg-2comp. Please read the docu
+README.gpg-2comp.
+You need to configure your gpg-2copm by creating a ~/.gpg-2comprc file. You
+may use the sample file for this.
+
+The following works with both scripts ...
+
+Now import your PGP2 keys into your GPG keyring:
+gpg-compat --import ~/.pgp/pubring.pgp
+gpg-compat --import ~/.pgp/secring.pgp
+
+One caveat: A few keys may not be acceptable to gpg.
+You may want to add signatures, e.g. sign your new GPG key with your old PGP2
+key and vice versa. This is possible:
+
+gpg-2comp --default-key 0x<PGP2KEYID> --edit-key 0x<GPGKEYID>
+and vice versa.
+
+Tell your mutt-0.9xi ot mutt-1.0i to use gpg-2comp:
+set pgp_gpg=gpg-2comp
+For mutt-1.2i, you may use the gpg.rc distributed with mutt and enable the
+gpg-2comp settings. More easily: use the gpg.rc you find here.
+A hint: Don't unset pgp_strict_encoding with mutt-1.2i, even if braindead
+MUAs fail to display quoted-printable (aka quoted-unreadable) and your
+friends complain.
+
+But please tell your friends to also fully move to GPG and avoid patented
+algorithms, even if you consider these patents to be bogus. You don't rule
+the world, do you?
+
+ Your SuSE team.
diff -uNr gpg-2comp/README.Upgrade gpg-2comp.SuSE/README.Upgrade
--- gpg-2comp/README.Upgrade Thu Jan 1 01:00:00 1970
+++ gpg-2comp.SuSE/README.Upgrade Wed May 24 13:20:09 2000
@@ -0,0 +1,10 @@
+Info for users of previous versions of gpgaddon
+-----------------------------------------------
+
+The scripts have been renamed. The gpg-2comp script is now installed by that
+name (was: gpg-compat) and the simple wrapper has the name gpg-compat (was:
+gpg-compat.old), now.
+Please re-read the instructions on how to set up your mutt config.
+Sorry about this!
+
+ Your SuSE team.
diff -uNr gpg-2comp/gpg-2comp gpg-2comp.SuSE/gpg-2comp
--- gpg-2comp/gpg-2comp Sat Oct 30 19:57:55 1999
+++ gpg-2comp.SuSE/gpg-2comp Wed May 24 23:43:34 2000
@@ -30,28 +30,41 @@
- create new temp file the way mutt does
- isolate the PGP 2 routines
- added --always-trust and --comment to encrypt+sign
+ 2000-05-24 Kurt Garloff <garloff@suse.de>:
+ - require user configuration as suggested in Gero's README
+ file
+ - disable --comment feature as it causes problems with
+ gpg-1.0.1e
+ - use gpg-compat (exec gpg --load-extension ....) instead
+ of gpg directly, so the needed modules are loaded
#;
# ------- User configuration
# Let this point to your gpg binary
-$gpg = '/usr/bin/gpg';
-
-# Set to 1 if you want to sign with RSA as default
-# (if you don't specify a key explicitly with "sign as" in Mutt's compose menu)
-$use_pgp2 = 0;
-
-# Your RSA key ID
-# (to take advantage of this script, you need an RSA key - see the README file)
-#$rsa_default_key = '0x766CD151';
-
-# Set to 0 if you don't want to encrypt all RSA mails to yourself, too
-$rsa_encryptself = 1;
+$gpg = '/usr/bin/gpg-compat';
# Comment for PGP 2 compatible encrypt+signing, which is not GnuPG-native
# (may be helpful - unset this if you want GnuPG's original comment)
$comment = 'Scripting by http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp';
+# READ config from ~/.gpg-2comprc
+$config = $ENV{'HOME'} . '/.gpg-2comprc';
+unless (-f $config)
+{
+ print STDERR $0, <<'MSG';
+ : Configuration file needed.
+
+ To create it, copy the sample file
+ /usr/share/doc/packages/gpgaddon/gpg-2comprc.sample
+ to ~/.gpg-2comprc and edit it:
+ 1. insert the key ID of your RSA key
+ 2. ...
+MSG
+ exit 1;
+}
+require $config;
+
# ------- Phase 1: Initialisation; do some checks
sub exit_on_gpg_error
@@ -218,7 +231,9 @@
{
$crypt_keys .= " -r $rsa_default_key";
}
- $args = $comment ? "--comment '$comment' " : '';
+ # KG: For some reason, GnuPG does not like --comment
+ $args = '';
+ #$args .= $comment ? "--comment '$comment' " : '';
$args .= "--no-verbose --batch -v --no-literal --encrypt --rfc1991 --cipher-algo idea --armor --no-encrypt-to --always-trust $crypt_keys -o - $signedtmp";
}
diff -uNr gpg-2comp/gpg-2comprc.sample gpg-2comp.SuSE/gpg-2comprc.sample
--- gpg-2comp/gpg-2comprc.sample Thu Jan 1 01:00:00 1970
+++ gpg-2comp.SuSE/gpg-2comprc.sample Wed May 24 13:15:43 2000
@@ -0,0 +1,21 @@
+# ------- gpg-2comp user configuration
+
+# Let this point to your gpg binary
+#$gpg = '/usr/bin/gpg-compat';
+
+# Set to 1 if you want to sign with RSA as default
+# (if you don't specify a key explicitly with "sign as" in Mutt's compose menu)
+$use_pgp2 = 0;
+
+# Your RSA key ID
+# (to take advantage of this script, you need an RSA key - see the README file)
+# YOU REALLY NEED TO SET THIS
+$rsa_default_key = '0xFFFFFFFF';
+
+# Set to 0 if you don't want to encrypt all RSA mails to yourself, too
+$rsa_encryptself = 1;
+
+# Comment for PGP 2 compatible encrypt+signing, which is not GnuPG-native
+# (may be helpful - unset this if you want GnuPG's original comment)
+#$comment = 'Scripting by http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp';
+
diff -uNr gpg-2comp/gpg.rc gpg-2comp.SuSE/gpg.rc
--- gpg-2comp/gpg.rc Thu Jan 1 01:00:00 1970
+++ gpg-2comp.SuSE/gpg.rc Thu May 25 23:15:03 2000
@@ -0,0 +1,73 @@
+# -*-muttrc-*-
+#
+# Command formats for gpg.
+#
+# This version uses gpg-2comp from
+# http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp.tar.gz
+#
+# $Id: gpg.rc,v 1.5 2000/03/03 16:52:41 roessler Exp $
+#
+# %p The empty string when no passphrase is needed,
+# the string "PGPPASSFD=0" if one is needed.
+#
+# This is mostly used in conditional % sequences.
+#
+# %f Most PGP commands operate on a single file or a file
+# containing a message. %f expands to this file's name.
+#
+# %s When verifying signatures, there is another temporary file
+# containing the detached signature. %s expands to this
+# file's name.
+#
+# %a In "signing" contexts, this expands to the value of the
+# configuration variable $pgp_sign_as. You probably need to
+# use this within a conditional % sequence.
+#
+# %r In many contexts, mutt passes key IDs to pgp. %r expands to
+# a list of key IDs.
+
+# decode application/pgp
+set pgp_decode_command="gpg-compat %?p?--passphrase-fd 0? --no-verbose --batch -o - %f"
+
+# verify a pgp/mime signature
+set pgp_verify_command="gpg-compat --no-verbose --batch -o - --verify %s %f"
+
+# decrypt a pgp/mime attachment
+set pgp_decrypt_command="gpg-compat --passphrase-fd 0 --no-verbose --batch -o - %f"
+
+# create a pgp/mime signed attachment
+# set pgp_sign_command="gpg-2comp --no-verbose --batch -o - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
+set pgp_sign_command="gpg-2comp --no-verbose --batch -o - --passphrase-fd 0 --textmode --armor --detach-sign %?a?-u %a? %f"
+
+# create a application/pgp signed (old-style) message
+# set pgp_clearsign_command="gpg-2comp --no-verbose --batch -o - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
+set pgp_clearsign_command="gpg-2comp --no-verbose --batch -o - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
+
+# create a pgp/mime encrypted attachment
+# set pgp_encrypt_only_command="pgpewrap gpg-2comp -v --batch -o - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
+set pgp_encrypt_only_command="pgpewrap gpg-2comp -v --batch -o - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
+
+# create a pgp/mime encrypted and signed attachment
+# set pgp_encrypt_sign_command="pgpewrap gpg-2comp --passphrase-fd 0 -v --batch -o - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
+set pgp_encrypt_sign_command="pgpewrap gpg-2comp --passphrase-fd 0 -v --batch -o - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
+
+# import a key into the public key ring
+set pgp_import_command="gpg-compat --no-verbose --import -v %f"
+
+# export a key from the public key ring
+set pgp_export_command="gpg-compat --no-verbose --export --armor %r"
+
+# verify a key
+set pgp_verify_key_command="gpg-compat --no-verbose --batch --fingerprint --check-sigs %r"
+
+# read in the public key ring
+set pgp_list_pubring_command="gpg-compat --no-verbose --batch --with-colons --list-keys %r"
+
+# read in the secret key ring
+set pgp_list_secring_command="gpg-compat --no-verbose --batch --with-colons --list-secret-keys %r"
+
+# receive key from keyserver:
+#set pgp_getkeys_command="wrap.sh -g %r"
+#set pgp_getkeys_command="gpg-compat --keyserver wwwkeys.eu.pgp.net --recv-keys '%r'"
+# Unfortunatley it does not work, as mutt passes a mail address rather
+# than a key ID; which GnuPG can not handle
