home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The 640 MEG Shareware Studio 2
/
The 640 Meg Shareware Studio CD-ROM Volume II (Data Express)(1993).ISO
/
clang
/
pgp20src.zip
/
README.VMS
< prev
next >
Wrap
Text File
|
1992-09-04
|
5KB
|
103 lines
PGP/VMS Version 2.0
-------------------
All rights to PGP are reserved by Phil Zimmermann. All contributed modules
are also subject to the copyrights of their individual authors, on the same
conditions. Certain algorithms used by PGP are subject to patent restrictions
and this software as a whole may be subject to export control in certain
countries. Read the PGP Guide for full copyright information and for details
about export control.
These notes are intended for those people using and working with PGP under
the VAX/VMS operating system. These are intended to supplement rather than
replace the PGP guide. You should read and understand the guide, particularly
the section about key management.
PGP/VMS was written usintg the VAX C compiler, which you must have to
compile it. If you wish to use another compiler, see the developers notes.
PGP is provided with an MMS description file. To build using this file, go
to the directory containing the uncompressed files and type the following:
$ MMS PGP.EXE
You may wish to delete the object files at this point, they are not needed
unless you are working on the code. To build a version under the VAX/VMS
debugger, define the DCL symbol PGP_DEBUG=1. The debugger version will be
built without any optimisation and will be *significantly* slower.
Once you have built PGP, it should be placed somewhere that is protected
against tampering. It is not impossible that someone may replace PGP.EXE
with a patched version designed to capture keys. You may wish to use the
CHECKSUM utility (CHECKSUM/IMAGE PGP.EXE) to control against modifications,
however CHECKSUM does not use very effective algorithms and may itself be
compromised.
You should then use PGP by defining it as an "external command" in your
LOGIN.COM, or alternative the system wide login command procedure, SYLOGIN.
This is done simply with the following line of DCL:
$ PGP:==$device:[directory]PGP
After executing this line (remember the dollar sign before the device name),
you should be able to display a help text by typing:
$ PGP
PGP will want to retain the keyrings and some other information. These are
stored in the device and directory pointed to by the logical name PGPPATH.
You should copy the files LANGUAGE.TXT and CONFIG.TXT to this directory.
Your secret keyring contains information that could be cryptographically
analysed - it must be protected against world access.
Note that keyrings should be directly transportable between VMS, MSDOS
and other PGP implementations. Text files may not be portable because of the
different text record representations across operating systems. If you wish
to send a text file to a system other than VAX/VMS, you are recommended to
use the 'canonical-form' switch '-t'.
Developers Notes
----------------
There are two key conditionals throughout the source for the VAX/VMS
implementation:
VAXC - Allows specific optimisations permitted by the VAX C compiler and
overcomes problems with the differences between VAX C and ANSII C.
VMS - This allows VMS specific file handling and some optimisations. It
should be noted that the primitives do not work with RISC/VMS untill
someone has done some work on porting VAX.MAR.
There was also some preliminary work donw on porting this to GNU C and indeed
an earlier (developers) version ran under GNU C. The code affected is usually
conditionalised with GCC. If someone wishes to complete this and (hopefully)
integrate the inline assembler stuff used for moves and zero-fills, this
would be very useful.
All optimizations were checked out using DEC's PCA, and this version appears
to be optimal under VAX C.
As for cleaning up, there are verious areas which could be improved:
1) PGP's own erase on delete could be replaced by the standard VMS
function so the file system does the work.
2) Ensure secret keyring is created without world and group access.
3) The random number generation uses a polling loop from the keyboard
which is neither nice nor necessary. A better approach would be to do
single character I/Os and fetch the system clock after each
character.
Support
-------
This software is provided in the public domain and without charge other than
for copying. For support issues concerning PGP and VAX/VMS, you are welcome
to contact me via Electronic Mail on Compuserve using ID 70042,710 and on the
Internet with 70042.710@compuserve.com. This software is provided "as-is" and
any support given will be of an informal nature.
Hugh A.J. Kennedy, 30th July 1992