ietf-openpgp
[Top] [All Lists]

preannounce: opgp95

1998-04-09 15:10:36
Lots of fixes, enhancements, etc. to meet the spec as I currently
understand it.  I don't do multiple [P|S]KESKs, multiple 1 pass
signatures, and keymanagement, and I do support ElGamal signatures, so I
am not in 100% compliance.  But it works and can interoperate with other
programs insofar as they meet the spec.

The big news is that everything is now done by one program, i.e. 

cat cryptfile | minipgp5 | minipgp5 | minipgp5 | minipgp5 >plainfile

................dearmor.....decrypt...decompress..deliteral

When not piping, or with onepass sigs, the deliteral will also check the
signature.  And these work with either the old or new CTB format (as long
as the new format isn't fragmented, but I have a preprocessor for that).

And the reverse steps would be

cat plainfile | minipgp5 -l plainfile | \
        minipgp5 -z | minipgp5 -k <uid> >cryptfile.

(signatures are generated detached with or without onepass headers
and assembled using cat).

The minipgp5 program is mostly glue to invoke the proper library routine
and is designed more to allow testing of the library or provide samples of
how to preparse and invoke the functions.  It is not a designed to be a
practical or usable implementation. 

The only difficulty is that with a swiss-army-knife approach, I now have
about 20 options that can be specified, and some must be precise to cause
the right thing to happen (and my checking isn't good, if you ask for both
armoring and compression only one will happen).  In the other direction,
the autodetect is fairly good.

I have updated my awk scripts so they now work with minipgp5 to generate
or check clearsigned messages on OpenPGP messages.

Another big note is that with a ctb conversion program it is now fully
backward compatible - minipgp5 only generates new CTBs, but the tooldctb
program will fix that.  I also removed the SKESK for the case where
everything is 2.x default (and assume 2.x defaults if I see the CTB for a
symmetrical data packet before an ESK).

The old minipgp directory is going away (but all the functions are moving
into the newpgp directory which will likely be renamed).

SSLeay 0.9 is due out in a few days, so I am going to be adapting the
program to use that so you may want to wait.

www.cryptography.org has been backlogged, so if you want an alpha version,
email me with the appropriate "I can legally send to you and you know
about exporting and should not" information.

I also managed to cut the codesize (all .c and .h files are under 3500
lines, not counting safer, haval, and ripemd).

--- reply to tzeruch - at - ceddec - dot - com ---



<Prev in Thread] Current Thread [Next in Thread>