PGP 2.2 Application Note: Integrating PGP with mailers
Derek Atkins <[email protected]>
6-Mar-93

This document will try to describe how to create an application
around PGP version 2.2, in order to incorporate PGP into mailers and
news readers. There are a number of changes in 2.2 which make it
easier to write wrappers for PGP. In writing this, I may have
inadvertently left out some functionality, some mailers, or some
machine types. I should warn readers now that I am a UNIX person, and
that most of this document will probably be in UNIX terms.

This document references scripts which are in the contrib directory
of PGP. Within the contrib area are scripts contributed to the
release. A lot of these scripts were written for PGP 2.1, so they do
not handle multiple recipients, or some of the new PGP features.

The first thing to remember is that PGP usually needs to have a
controlling TTY in order to gather information, like the password, or
for the user to answer questions, like whether to add or sign keys.
This is useful for text-based mail agents. In fact, it is most useful
for agents which use files for messages, like MH.

One example for this is in the emacs directory. The e-lisp pgp.el1
winds up saving the buffer to encrypt or decrypt to a file, and then
runs pgp on that file using the emacs interactive mode. It looks the
same as if you type "pgp filename" at the shell.

However, this is not very interesting. While it is easy to do this,
it means that there are extra files being created on the disk. This
can be a security risk, since wiping files off disk is not always
successful, and having the plain-text go to a file means more time
for a possible attacker to get ahold of the plain-text of the message.
A better way to accomplish this is to use filter_mode, which is the -f
option. This tells PGP to read the message from stdin, and to put the
output onto stdout. Unfortunately, in this mode the signature
information is output onto stderr, so you will either lose it, or it
and all other PGP output will be put in the same stream with the
message, but this depends on your piping ability.

An example of how to use this is the mailx script. This script is
supposed to run in place of the UNIX /bin/mail program. It reads from
stdin and will do the proper encryption and then execute /bin/mail.
This works by specifying a special user for the recipient to encrypt
and sign. The script calls PGP with the following arguments, and uses
stdin and stdout for the mail input and output. However, this script
is only useful for sending mail, not reading it.

To just sign the message, in clear-text mode:
	pgp -fast +clearsig=on
or to sign and encrypt:
	pgp -feast user1 user2 user3...

This works well when dealing with a command-line mailer, or a mailer
that is run in a terminal. There are problems, however, if you do not
have a TTY in which to get a password to decrypt or sign messages.
I'm not sure of a way around this, but then again, PEM is going to
have this same problem. (An example that I can think of is
integrating with xmh).

There is a way around this, however, in some cases. One way, which is
not recommended, but can be used, is to use the "-z" option to set the
passphrase. Again, this is *NOT* recommended, since some operating
systems will not allow the program to erase its command line from the
process table, and someone can retrieve the pass phrase from there. A
similar way to get the pass phrase in is to use the PGPPASS
environment variable. Again, this has the same problems.
An example of this usage is:

	pgp -sat +clearsig=on -z "This is my pass phrase" inputfile

There is a better way of doing this in PGP 2.2, which is an
environment variable called "PGPPASSFD". If this is set, it means
that the FIRST thing PGP will do is read the pass phrase from this
file descriptor. So, for example, one can set PGPPASSFD to "0"
(zero), and then PGP will read the pass phrase from stdin as the first
thing.

For example, an emacs utility could grab the block to be encrypted
(or decrypted), ask the user for the pass phrase in the mini-buffer,
and then do the equivalent of this shell script, using something like:

	(send-string PROCESS "PassPhrase\n")
	(send-region PROCESS (point-min) (point-max))

---begin---
#!/bin/sh

# PGP reads the pass phrase from stdin (fd 0) before anything else
PGPPASSFD=0;export PGPPASSFD

# first line is the pass phrase, the rest of stdin is the message
(echo "PassPhraseHere"; cat ) | pgp -feast recipient1 recipient2...
---end---

I must admit, this is a crude script, since it doesn't strip out
stderr, which includes the banner lines and error messages, but that
is not difficult to do out of band.

This is an example perl script that demonstrates the use of PGPPASSFD:

---begin---
#!/usr/local/bin/perl
#
# perl example for PGPPASSFD,
# encrypts stream with password 'test'
#
use Fcntl;

# this pipe carries only the pass phrase; the message stays on stdin
pipe(READER,WRITER);

if (!fork) {
	close(WRITER);
	# tell PGP which descriptor to read the pass phrase from
	$ENV{'PGPPASSFD'}=fileno(READER);
	# the $^F (Ctrl-F) variable controls close-on-exec of files
	$^F=fileno(READER);
	# newer perls decide close-on-exec when the pipe is opened, so clear it
	fcntl(READER, F_SETFD, 0) or die "can't clear close-on-exec\n";
	exec "pgp -acf";
	die "can't exec pgp\n";
}
close(READER);
syswrite(WRITER, "test\n", 5);
close(WRITER);
wait;
---end---

Another feature of 2.2 which can be utilized in mailer scripts is the
batchmode feature. This is used in the key-server software
(see key-server.doc), which is not included in the release, to allow a
process to call PGP, and have it perform without prompting the user
for anything. It will take the default answer to most questions,
which may not be what the user wants. This is switched by adding
"+batchmode" to the command line.

One more mailer I should mention, and this is probably the most
important of all of them, is MIME compatibility. In order to use
MIME, a user needs to create a proper entry for PGP. Unfortunately
there hasn't, yet, been a standard MIME content-type created. One
possible mailcap entry would be:

	application/x-pgp: cat %s | pgp -f

although there are a lot of possibilities. There is another
suggestion given in the mime directory in the contrib area, which I
haven't tested.

I hope that this document has helped people understand some of the
work being done to integrate PGP with mailers. There is some work
going on already to integrate it even more. If you have a mailer for
which there is no PGP handler, and you want to write one, please let
me know, so that we don't duplicate work. In addition, if you have
written a mailer application, and it's not included here in the
release, again let me know.

A second contact for this is Colin Plumb <[email protected]>.

Have fun!

-derek <[email protected]>
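
Added example (not part of the original note or of the PGP contrib scripts): a wrapper that hands the pass phrase to a filter on a dedicated pipe named by PGPPASSFD, so it never appears in argv or in PGPPASS, leaves stdin free for the message, and collects stderr separately from the filtered output. STAND_IN is a constructed substitute for "pgp -f" so the code runs without PGP installed; run_filter and the other names are hypothetical, and with PGP 2.2 the argv would be the note's own "pgp -feast recipient1".

```python
import os
import subprocess
import sys

# Constructed stand-in for "pgp -f" so the example runs without PGP: it reads
# one line from the descriptor named in PGPPASSFD, then filters stdin to
# stdout (here: reverses it) and writes its status line to stderr.
STAND_IN = r"""
import os, sys
fd = int(os.environ["PGPPASSFD"])
phrase = b""
while not phrase.endswith(b"\n"):
    byte = os.read(fd, 1)
    if not byte:
        break
    phrase += byte
sys.stdout.buffer.write(sys.stdin.buffer.read()[::-1])
sys.stderr.write("pass phrase bytes read: %d\n" % len(phrase.rstrip(b"\n")))
"""
STAND_IN_ARGV = [sys.executable, "-c", STAND_IN]


def run_filter(argv, passphrase, message):
    """Run argv as a stdin/stdout filter with the pass phrase on its own pipe.

    Returns (exit status, stdout bytes, stderr bytes). The pass phrase is
    never placed in argv or in the value of an environment variable.
    """
    rfd, wfd = os.pipe()
    env = dict(os.environ, PGPPASSFD=str(rfd))  # only the fd number is exposed
    env.pop("PGPPASS", None)                    # no fallback to the environment
    try:
        proc = subprocess.Popen(argv, env=env, pass_fds=(rfd,),
                                stdin=subprocess.PIPE,
                                stdout=subprocess.PIPE,
                                stderr=subprocess.PIPE)  # banner kept off stdout
        os.write(wfd, passphrase + b"\n")       # short write, fits the pipe buffer
    finally:
        os.close(rfd)                           # parent needs neither end now;
        os.close(wfd)                           # child sees EOF after the line
    out, err = proc.communicate(message)
    return proc.returncode, out, err


if __name__ == "__main__":
    print(run_filter(STAND_IN_ARGV, b"test", b"hello\n"))
```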