╔═════════════════════════════════════════╗
║ OzCIS Public Key Encryption utility ║
║ OzPKE ║
║ Copyright 1993 by Donald Moe ║
║ CIS:72407,1054 ║
╚═════════════════════════════════════════╝
12 January 1994
OzPKE Version 1.2
Synopsis:
---------
This utility program, OzPKE, works in conjunction with Steve Sneed's
automated CompuServe access program OzCIS (v2.0a) and the ViaCrypt PGP
program (v2.4) to assure secure communications via electronic mail.
Note to current users: Previous releases of the program consisted of two
modules that have now been combined into one. This requires a change in
the decryption command in "Externals Menu" (see below).
The goal is to simplify public key encryption of outgoing and decryption
of incoming messages and files passing through the CompuServe Information
System. Both direct electronic mail and forum messages as well as file
attachments are supported. OzPKE handles encryption of outgoing messages
and files as well as decryption of incoming messages and received files.
Although the user could use whatever public-key encryption software he
chooses, provided it supports command-line operation, the recommended
program is the ViaCrypt PGP system, since OzPKE makes use of PGP's public
keyring file and specific features of that program.
Refer to the PGP documentation for a thorough discussion of message
and file encryption and decryption.
Legal Issues:
-------------
OzPKE is (c) Copyright Donald Moe, 1993.
OzPKE is made available for personal use at no charge by the author.
Commercial users are required to contact the author to license use of the
software after a trial period of 14 days.
The author assumes no liability for damages resulting from the use of this
software, even if the damage results from defects in this software, and
makes no representations concerning the merchantability of this software
or its suitability for any specific purpose. It is provided "as is"
without express or implied warranty of any kind.
Quick Start:
------------
To install and start using OzPKE quickly, perform the following steps.
1) Install and configure PGP according to its instructions.
2) Install a file viewing program, such as Vernon Buerg's LIST.COM.
3) Copy OzPKE.EXE and OzPKE.CFG into the directory where OZCIS.EXE is
located.
4) Edit OZPKE.CFG to conform with your system. (See Configuration file
below.)
5) Enter macro definitions under menu entry "Configuration/Kbd Macros"
(See Macros below) or copy the supplied KBD.MAC file to the OzCIS
directory.
6) Add three external program definitions under "Tool/External Menu".
(See External Menu below.)
The following steps assume that the corresponding macro definitions have
been entered with the same control keys.
To send messages:
1) Compose each message as if it were to be sent as a normal plain-text
message.
2) Place cursor on any blank line within the message or at end and press ^P
and/or ^S to insert the trigger phrases for private and/or signature on
separate lines.
3) Store the message for sending (Alt-S). Enter addressee and subject as
normal.
4) Prior to the on-line session, press Ctrl-E to perform encryption on
all outgoing messages.
5) When a window appears with names of recipients, select proper addressee
from the list and press return. If addressee is not found, press Esc to
cancel; the message will remain unencrypted in the outgoing message file.
6) Log onto CompuServe as normal. Encrypted messages will be sent along
with any plain-text messages without further user intervention.
To send a message with an attached file:
1) Perform steps 1 and 2 under the previous section, "To send messages".
2) With Alt-T request a file attachment and enter the name of the file to
be sent. Set "Upload as ASCII" to "Y" for a file that should be sent as
an ASCII-armored file. If set to "N", the file will be uploaded as a
normal binary file and cannot be sent through the Internet gateway.
3) Continue with "Step 3" above.
To view an encrypted message or decrypt an encrypted file:
1) An encrypted message can be recognized by the header text at the start
of the message:
-----BEGIN PGP MESSAGE-----
or
-----BEGIN PGP SIGNED MESSAGE-----
2) While this message is in the OzCIS reader, press Ctrl-D to decrypt and
display the corresponding plain-text message. If the "Subj:" line
contains the word "Upload:", the message will be processed as an ASCII
encoded binary file and will be stored in the directory specified by
ASCDEC in the configuration file.
3) After reading decoded message, press Esc to return to OzCIS mail
reader.
To force decryption of a newly received encrypted file when the automatic
recognition has failed (this may be needed when encrypted ASCII files are
received from Internet users or those using software other than OzCIS):
1) An encrypted file cannot be distinguished from a normally encrypted
message:
-----BEGIN PGP MESSAGE-----
or
-----BEGIN PGP SIGNED MESSAGE-----
2) While this message is in the OzCIS reader, press Ctrl-F to force
decryption of the message as an ASCII encoded file.
3) The resulting file will reside in the directory specified by the
parameter ASCDEC in OzPKE.CFG.
To add a new public key to PGP's PUBRING.PGP:
1) In message reader, display message containing public key block with the
header text:
-----BEGIN PGP PUBLIC KEY BLOCK-----
2) Press Ctrl-X to have PGP process the public key block and add the new
key to your public key ring.
Alternatively, if public key block has been reformatted by CompuServe's
forum software, so that the data block is incorrect, such as:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.4
mQBNAixXGf0AAAECAMRsXjUbf8fHvaR2+LHq2ZtgyvCtIXlhjmBP0+96ep8sX3o7
TCdBchTGuxcnVnYr9kye57sAV4eumFGdB8hhx6UABRG0KURvbmFsZCBLLiBNb2Ug
PDcyNDA3LjEwNTRAY29tcHVzZXJ2ZS5jb20+ =eNRX -----END PGP
PUBLIC KEY BLOCK-----
Use the following procedure to add a new public key to PGP's PUBRING.PGP:
1) In message reader, display message containing public key block with the
header text:
-----BEGIN PGP PUBLIC KEY BLOCK-----
2) Mark the entire block including entire end-block text by positioning
cursor at start, press Ctrl-KB, move to end and press Ctrl-KK.
3) Press Ctrl-C to copy this marked block into OzCIS's general editor.
4) Correct formatting so that the data block appears like this (but not
indented):
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.4
mQBNAixXGf0AAAECAMRsXjUbf8fHvaR2+LHq2ZtgyvCtIXlhjmBP0+96ep8sX3o7
TCdBchTGuxcnVnYr9kye57sAV4eumFGdB8hhx6UABRG0KURvbmFsZCBLLiBNb2Ug
PDcyNDA3LjEwNTRAY29tcHVzZXJ2ZS5jb20+
=eNRX
-----END PGP PUBLIC KEY BLOCK-----
5) Press Ctrl-W to let PGP process the corrected public key block.
Operation:
----------
For outgoing traffic each message in the OzCIS ".REP" files is scanned for
the trigger keywords. If the ##SIGNATURE## trigger is found on a separate
line in the message text, a public-key encryption (PKE) tool is used to
apply a digital signature to the message. If the ##PRIVATE## trigger is
found in the message text, the PKE program is used to scramble the text of
the message. If both triggers are found, both operations are performed in
a single step. The trigger words, including the enclosing ## characters,
must each appear left-justified on a separate line and be spelled exactly
(all upper case, no spaces, etc.) in order to be recognized. Macros can be
used to facilitate entering these trigger words.
The encrypted message replaces the plain-text message in the outgoing
message file and can no longer be read, unless the command flag was
enabled to save the messages to the associated outbox file (See OUTBOX
below).
Alternatively, the command UPLASCII can be set to Yes in OzPKE.CFG so that
the encrypted message is not stored in the outgoing message file. Rather
OzPKE causes OzCIS to upload the message with protocol to CompuServe MAIL
as an ASCII file. The ASCII file generated by PGP will be stored in the
path specified by UPLPATH with a filename based on the current date and
sequential number. This feature was added to combat corruption of the
ASCII block during transmission to CompuServe. This capability is not
available for forum messages.
Additionally, OzPKE can handle a file attached to a message. If the main
message with the attached file is marked for encryption, the attached file
is also encrypted, either as a binary or an ASCII-armored file depending
on whether "Upload as ASCII" is answered with "N" or "Y", when the
attachment is specified. Both the main message as well as the attached
file are encrypted. The attached file does not need to be compressed
beforehand since PGP automatically performs that step. For example, it
thus becomes extremely easy to securely transmit a spreadsheet data file,
even over the Internet gateway. The attached files can be sent with the
same level of security as the main message, except that Signature Only is
not available. Separate directories can be specified for the ASCII and
binary file uploads.
Warning: the resulting ASCII-armored attached files can become very
lengthy and possibly exceed the message length limit to Internet
recipients. PGP can accommodate this problem with the setting
"ARMORLINES=" in its configuration file, CONFIG.TXT. If this setting is
non-zero, PGP will automatically split lengthier message files into chunks
and sequentially number them starting with the extension AS1 or A01. A
setting of 220 lines results in message chunks of approximately 15KB
length. The current version of OzPKE is not yet capable of coping with
this situation but a fix is under development.
For incoming traffic, the user activates the decoding process when
he sees an encoded message on the screen of the message viewer. The
message will be decoded into a temporary file, preferably on a RAM disk,
and can then be read using a common viewer program, such as Vernon Buerg's
LIST.COM (not supplied). After being viewed, the temporary file is
deleted. The OzCIS message file retains the encoded text block. (A later
version may allow the decoded message to be appended to the associated
message file.)
OzPKE also handles decryption of received files that have been encrypted
as ASCII or binary files. See "Decrypting Encrypted Files" below.
In OzCIS, macros can be defined to perform multiple operations. Several are
used to simplify OzPKE operation. (See macro definitions.)
OzPKE runs via the DOS gateway of OzCIS, which leaves a very small
footprint in memory during the gateway. When OzPKE activates PGP, it
likewise swaps out to EMS, XMS or disk, thus leaving a similarly small
footprint in memory. For OzPKE to have any EMS or XMS available, set the
parameter for OzCIS' protected mode to a value less than maximum available
memory, for example "SET DPMIMEM=MAXMEM 4096".
Each message in each specified .REP file is scanned for the presence of
trigger words on lines by themselves, which produce the following effects:
##SIGNATURE## Create a digital signature for this message.
##PRIVATE## Encrypt this message, using the recipient's public key.
Any message containing these trigger words will have the appropriate OzPKE
magic done to it, and when OzPKE is finished, all processed .REP files
will contain the signed/encrypted forms of those messages that were
flagged for signature or encryption, plus the originals of messages that
didn't need a signature or encryption or that could not be encrypted since
the recipient's public key was not available.
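
Added example (not part of OzPKE or its documentation): because a trigger
that is indented, lower-cased or misspelled is simply not recognized, the
message would go out as plain text. This sketch applies the exact-match rule
described above and flags near-miss lines so the message can be held. The
names scan_message and disposition and the look-alike pattern are assumptions.

```python
import re

# The two trigger lines exactly as the documentation spells them.
TRIGGERS = {"##SIGNATURE##": "sign", "##PRIVATE##": "encrypt"}

# Assumed heuristic: a line that looks like an attempted trigger but is not an
# exact, left-justified, upper-case match and so would not be recognised.
LOOKALIKE = re.compile(r"^\s*#+\s*(signature|private)\s*#+\s*$", re.IGNORECASE)


def scan_message(text):
    """Return (actions, near_misses) for the body of one outgoing message."""
    actions, near_misses = set(), []
    for number, line in enumerate(text.splitlines(), start=1):
        if line in TRIGGERS:                  # whole line, exact spelling
            actions.add(TRIGGERS[line])
        elif LOOKALIKE.match(line):           # intended trigger, wrong form
            near_misses.append((number, line))
    return actions, near_misses


def disposition(text):
    """Decide what should happen to the message before the on-line session."""
    actions, near_misses = scan_message(text)
    if near_misses:
        return "hold"                         # do not send until corrected
    return "+".join(sorted(actions)) or "plaintext"


# Constructed sample messages.
GOOD = "Meeting notes follow.\n##PRIVATE##\n##SIGNATURE##\n"
INDENTED = "Meeting notes follow.\n  ##PRIVATE##\n"
INLINE = "Remember to add ##PRIVATE## to your replies.\n"

if __name__ == "__main__":
    for sample in (GOOD, INDENTED, INLINE):
        print(disposition(sample), scan_message(sample)[1])
```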
When encryption is to be performed on a message, OzPKE will first attempt
to locate the recipient's CompuServe or Internet Email address in the
public key ring file. If an exact match is found, the message is
automatically processed. Otherwise OzPKE will display a pop-up pick list
in which the nearest match to the recipient's name is highlighted. The
user must select and/or confirm the proper recipient using the up/down
arrow keys and press return. If no matching recipient is available,
pressing Esc will cancel the encryption on that message, to continue with
the next one. The cancelled message will remain in the outgoing message
file so that the user can change, hold, or delete it within OzCIS.
The technique for properly matching Email addresses to those in PUBRING
assumes that the entries in PUBRING conform to the format recommended in
the PGP documentation, such as:
for CompuServe addressees:
<72407.1054@compuserve.com>
or
<72407,1054@compuserve.com>
is also recognized,
or for Internet addressees:
<xyz@some.place.com>
The enclosing characters "<" and ">" are required to assure that a partial
match does not result in an incorrect recipient being selected. If no
match is detected, the pick list will appear as before. Case is
irrelevant.
The addresses of the outgoing messages should conform to the usual
CompuServe formatting, for example:
First Last 70000,0000
or
Name INTERNET:name@some.where.com
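
Added example (not OzPKE's own code): the matching rule described above,
showing why the enclosing "<" and ">" matter. The addressee is converted to
the bracketed key-ring form and compared case-insensitively; the same search
without brackets picks up a second, wrong key. Function names, the key-ring
entries and the handling of multiple hits are assumptions.

```python
import re

CIS_ID = re.compile(r"(\d+),(\d+)\s*$")                    # First Last 70000,0000
INTERNET = re.compile(r"INTERNET:\s*(\S+)\s*$", re.IGNORECASE)
COMMA_FORM = re.compile(r"<(\d+),(\d+)@")                  # <70000,0000@...>


def search_key(to_field):
    """Map an OzCIS addressee field to the bracketed key-ring form, or None."""
    m = INTERNET.search(to_field)
    if m:
        return "<" + m.group(1).lower() + ">"
    m = CIS_ID.search(to_field)
    if m:
        return "<{}.{}@compuserve.com>".format(*m.groups())
    return None


def normalise(userid):
    """Lower-case a key-ring user ID and fold the comma form into the dot form."""
    return COMMA_FORM.sub(r"<\1.\2@", userid.lower())


def exact_matches(to_field, keyring):
    """User IDs that contain the addressee including both brackets."""
    key = search_key(to_field)
    return [u for u in keyring if key and key in normalise(u)]


def unbracketed_matches(to_field, keyring):
    """The same search without the brackets, to show the partial-match risk."""
    key = search_key(to_field)
    return [u for u in keyring if key and key[1:-1] in normalise(u)]


def resolve(to_field, keyring):
    """One exact hit is processed automatically; anything else needs the
    pick list (treating several hits this way is an assumption)."""
    hits = exact_matches(to_field, keyring)
    return ("auto", hits[0]) if len(hits) == 1 else ("pick-list", hits)


# Constructed key-ring user IDs, not taken from any real PUBRING.PGP.
KEYRING = [
    "Alice Example <70000,0000@compuserve.com>",
    "Bob Example <170000.0000@compuserve.com>",
    "Carol Example <xyz@some.place.com>",
    "Dave Example <xyz@some.place.com.au>",
]

if __name__ == "__main__":
    for to in ("First Last 70000,0000", "Name INTERNET:XYZ@Some.Place.COM"):
        print(to, resolve(to, KEYRING), unbracketed_matches(to, KEYRING))
```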
When OzPKE is done, OzCIS resumes operation at the same place it was
interrupted. The message files can be sent normally at the next logon
session.
By default OzPKE makes a "backup" of your original .REP file by renaming
the original file to *.BAK. If no backup file is desired, set the BAK
parameter in the configuration file to N.
As OzPKE is merely an interface program to PGP, the messages output by PGP
are still displayed on the screen and should be read in case of possible
error conditions. OzPKE will evaluate any error code returned by PGP and
display any non-zero code with a brief error message. The message box will
indicate whether the encryption or decryption section of the program is
reporting the error.
Command Inputs:
---------------
If no parameter is provided on the command line to OzPKE, a copyright
notice and brief description are displayed. A dummy parameter, X, is
required in the programs' definitions in OzCIS' External Menu for proper
operation of OzPKE. For decryption, a "-d x" is required on the command
line. (All command line switches to OzPKE can be in the form "-d", "-D",
"/d" or "/D", as all of these forms are equally acceptable.)
If the password to PGP's secret ring file has not been specified in
OZPKE.CFG, it should be passed on the command line. This is accomplished
by defining the command under Externals Menu (see below) as shown in the
second alternative. Each time OzPKE is activated, OzCIS will prompt for
the command line parameter. Enter just the password phrase. Leading and
trailing blank space will be removed. Unfortunately there is no way to
suppress the echo in OzCIS' parameter input line, therefore caution is
advised in the presence of others.
The password string is temporarily inserted into the current environment
buffer with the environment variable PGPPASS. This works fine with PGP but
possibly not with other PKE programs. Thus multiple messages can be
processed without requiring the user to reenter the password for each one.
After completion, the password string is removed from the environment
buffer. If the environment size is insufficient to accommodate the password
string, a temporary environment with the minimum required entries will be
used.
The values used in OZPKE.CFG for SIGO, PRIV, SIGP, BINSIG, BINPRV, DECODE
and FILEDECODE naturally depend on which public-key encryption program is
selected by the user, as configured in OZPKE.CFG. If something other than
PGP was chosen, then the user is on his own to figure out what kind of
command-line parameters are required to achieve these desired results. It
may be necessary to create a .BAT file or other "wrapper" to accomplish
this.
If a program other than PGP is chosen, the main things to consider are that
1) the plain-text message is written to "MAIL.IN" in the temporary
directory for the PKE program to use as input,
2) the encoded output from the PKE program has to be left in a file
called "MAIL.PGP" because that's where OZPKE expects to find it, and
3) any signature blocks or ciphertext emitted by the alternative PKE
program must be "armored," or encoded as e-mailable ASCII characters,
similar to the RADIX-64 format used by PGP.
The default options achieve this with PGP. Both "MAIL.PGP" and "MAIL.IN"
are workfiles, and are deleted after OzPKE has completed its work.
When the encoded ASCII messages are to be uploaded using protocol by
OzCIS, the file MAIL.PGP is not used for temporary storage, rather the
encoded messages are stored under sequentially numbered filenames based on
the date.
OzCIS supports two optional settings in OZCIS.INI for pre- and post-
processing of messages: ReadPreProcess and CompPostProcess.
If "ReadPostProcess=\ozcis\ozpke -d x", OzCIS will inquire whether the
message file should be processed. Unfortunately this is not compatible
with the way OzPKE was designed to decrypt, whereby the encrypted messages
should be retained in secure form and only decoded on an individual basis
as required. However, if any users are not concerned about this aspect and
would prefer to have all messages decoded in a batch process and only
stored as plain-text, they should express this desire to the author of
OzPKE and this operation may be implemented in a future version.
If "CompPostProcess=\ozcis\ozpke x", OzCIS will inquire whether the
message just written should be processed. This works just fine on a
message-by-message basis and reminds the user to process each message, as
intended, but the capability of OzPKE to process multiple outgoing
messages in one pass can no longer be used to full advantage. Furthermore,
if messages are sometimes modified after being initially written but
prior to transmission, this is difficult if each message is encrypted
immediately after being written. For these reasons, the author prefers not
to set "CompPostProcess" and instead presses ^E just prior to the online
session. If a message is addressed to a recipient whose public key is not
available, this message can then be modified or killed prior to
transmission.
WARNING:
--------
Starting with OzPKE 1.1, the configuration file contains the parameter
WIPE, which will cause the work and message files containing plain-text to
be overwritten with the byte 0xFF and also filled to the next cluster
boundary. The operation is performed after all other operations have been
completed. The files affected by OzPKE are MAIL.IN, CISMAIL.REP, and
OZPKE.SWP, and MAIL.TXT and OZPKD.SWP when decrypting.
If the WIPE parameter is left at its default setting of "No", then OZPKE does
not overwrite the MAIL.IN file containing the plaintext of the last
message encrypted. It merely deletes the file from the directory. You can
set a PGP option to overwrite or "wipe" this file if you like. See the PGP
documentation for details. However, if this is done, the original
plain-text messages cannot then be copied to the associated outbox files
since this step is only performed after the message has been successfully
encrypted. Hence it is better to set WIPE=Yes if the file should be wiped.
During processing, the new outgoing .REP file has the temporary extension
".R$P" until the operation has been completed. The original, unencrypted
".REP" file is renamed to ".BAK" and the ".R$P" is renamed to ".REP". The
BACKUP command in OZPKE.CFG determines whether backups of the files are to
be made.
Even if the original .REP files are deleted, traces of them may still be
accessible on the disk and therefore could be recovered by those with
adequate skills, unless the WIPE parameter is set to "Yes".
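
Added example (not OzPKE's code): the overwrite described for WIPE=Yes,
filling the file with the byte 0xFF and extending it to the next cluster
boundary so the slack space after the last plain-text byte is covered too,
before the directory entry is removed. The function names and the
cluster_size parameter are assumptions.

```python
import os


def overwrite_with_ff(path, cluster_size=4096):
    """Overwrite the file with 0xFF up to the next cluster boundary.

    Returns the number of bytes written. cluster_size must be the allocation
    unit of the volume holding the file (assumed to be known to the caller).
    """
    size = os.path.getsize(path)
    padded = -(-size // cluster_size) * cluster_size   # round up to a cluster
    chunk = b"\xff" * cluster_size
    with open(path, "r+b") as fh:                      # rewrite in place
        remaining = padded
        while remaining:
            remaining -= fh.write(chunk[:remaining])
        fh.flush()
        os.fsync(fh.fileno())                          # push it to the disk
    return padded


def wipe(path, cluster_size=4096):
    """Overwrite first, delete second: deleting alone leaves the data behind."""
    written = overwrite_with_ff(path, cluster_size)
    os.remove(path)
    return written


if __name__ == "__main__":
    import tempfile

    # Constructed stand-in for a work file such as MAIL.IN.
    fd, name = tempfile.mkstemp()
    os.write(fd, b"plain text of the last message\r\n" * 100)
    os.close(fd)
    print("bytes overwritten:", wipe(name, cluster_size=2048))
```

An in-place overwrite only reaches the old data where the file system
rewrites the same clusters, as on the DOS disks this documentation targets;
journaling or copy-on-write file systems and flash storage may keep earlier
copies elsewhere.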
File Inputs:
------------
1) OzPKE first accesses its configuration file, OZPKE.CFG, which must be
located in the same directory where OzPKE resides.
2) OzPKE automatically accesses several OzCIS (v2.0a) configuration files
to determine the locations of the necessary message files:
a) HOSTS.DB contains path to forum directory for currently active
CompuServe host node.
b) FORUMS.DB contains names of the active fora and paths to their
message files.
3) OzPKE also accesses PUBRING.PGP, the file containing all known public
keys of possible correspondents. The names are extracted and stored for
quick access in OZPKE.STM. Updates to PUBRING.PGP are detected so that
OZPKE.STM is likewise updated. Since the internal file structure of
PUBRING.PGP is not available, PGP is called with the command "-kv *
pubring" with output redirected to a temporary file, from which OzPKE
then extracts the required information. This procedure may change in
future versions.
4) OzCIS CISMAIL.REP and possibly the active forum *.REP files, as
specified in the configuration file.
File Outputs:
-------------
OzCIS *.REP files, with messages signed and encrypted as directed.
If UPLASCII is set to Yes in OzPKE.CFG, PGP will encrypt into an ASCII
file in the directory specified by UPLPATH using filenames based on
current date and sequentially numbered extensions, e.g. AS931118.000. A
maximum of 1000 encrypted messages can thus be sent per day. These files
will be attached to an ASCII upload message header in CISMAIL.REP for
automatic uploading by OzCIS, but will not be automatically deleted after
sending. This housekeeping is currently left to the user to perform.
(Suggestions from users on how to automate this step would be welcomed.)
Any files attached to messages that are encrypted will also be assigned a
name according to the same scheme, e.g. AS931118.001 or BN931118.001,
depending on whether the attached file is ASCII or binary. The originally
attached files are not deleted nor wiped.
Work Files:
-----------
Up to four temporary work files are created as OZPKE runs.
In the temporary directory, normally on a RAM disk:
MAIL.IN      contains the plaintext of the message currently being
             processed.
MAIL.PGP     the encrypted/signed version of the message as output by
             PGP, except when uploading messages as ASCII files.
MAIL.M$G     will be created if a message needs repair and then renamed
             to MAIL.PGP.
In the OzCIS mail and forum directories:
CISMAIL.R$P  file containing outgoing messages or upload control blocks
<forum>.R$P  after processing by PGP.
The MAIL.IN file's maximum size is the length of your longest message, not
including headers and control information.
The MAIL.PGP file's maximum size may be somewhat larger than MAIL.IN,
since an encrypted message may be bigger than its plaintext form and
signed messages contain extra lines for the signature block, but it's
still about as large as the longest individual message.
The CISMAIL.R$P and <forum>.R$P files are replacements for the input .REP
file, so they will be about the same size or a bit larger than the
original .REP file. Therefore adequate space should be available on the
OZCIS disk to accommodate the necessary files.
All work and swap files are deleted when OZPKE is finished, but not
overwritten unless the parameter WIPE is set to "Yes" in OzPKE.CFG.
As OzPKE performs a DOS gateway, it needs to have adequate disk storage
available for the swap files, if insufficient EMS or XMS memory is
available. The file size is approximately 170KB.
Receiving Encrypted/Signed Messages:
------------------------------------
With "-d x" on the command line, OzPKE controls the decryption process for
messages, verification of signatures and/or adding of new public keys to
the public key ring. For this to work properly, the message must be
exported to the file MAIL.PGP in the same temporary directory as for
OzPKE. This export operation is performed by a macro.
After PGP completes the decryption, the resulting plain-text output file
will be displayed by a file viewing program, such as Vernon Buerg's
LIST.COM, or any ASCII text editor. After viewing, the intermediate
plain-text file can be wiped as well as deleted if WIPE=Y in OzPKE.CFG.
However, if the parameter KEEP in OzPKE.CFG is set to Y, the plain-text
file is retained to allow the user to then import it into the OzCIS reply
editor to allow quoting. A suitable macro may be used to facilitate this
operation. (See definition for ^R under Macros and user suggestion at end
of documentation.) If the file should be wiped after quoting, the ^R macro
should be modified to activate a suitable batch file, which could call a
program such as Norton's WIPEINFO.
Alternatively, the decrypted plain-text message can be appended to the
file CISMAIL.MSG for storage, as determined by parameter APPEND in the
configuration file. The header of the original message is extracted from
MAIL.PGP and used for the new entry in CISMAIL.MSG. In such cases, the
file viewer, LIST.COM, is not activated. NOTE: Unfortunately this function
does not yet work correctly since OzCIS does not reload CISMAIL.MSG after
doing a gateway to DOS, hence it then overwrites the message file from
its internal buffer. When a new release of OzCIS appears, this limitation
will hopefully be lifted.
Apparently text messages sent to CISMAIL occasionally suffer from minor
corruption, typically an extra blank at the start of a line around line
10. Although this can now be overcome by uploading the messages as ASCII
files, other users may not send their messages this way, so that you may
have to correct this problem. PGP will report the error and refuse to
decode messages with such corruption, albeit minor. In this case, PGP
returns errorlevel 1 (Invalid File).
A similar problem occurs when the PGP block has been indented. In this
case, PGP returns errorlevel 3 (Unknown File).
In both of these cases, OzPKE will automatically attempt to correct the
problem by copying the file, removing leading blanks from lines within
each PGP block in the file and also discarding extraneous text outside the
PGP blocks. PGP is then called for a second attempt. If the repair
procedure succeeded, PGP will properly decode the ASCII message. During
this process PGP may beep and display an error message.
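
Added example (a sketch, not OzPKE's implementation): the automatic repair
described above, removing stray blanks from lines inside each PGP block and
discarding text outside the blocks. It goes one step further than the text
by checking the "=XXXX" line (the armor's CRC-24) so a successful repair can
be confirmed before PGP is called again. All function names and the sample
block are assumptions; clear-signed text is passed through unchanged here
because altering it would invalidate the signature.

```python
import base64
import re

BEGIN = re.compile(r"^[ \t]*-----BEGIN PGP ([A-Z ]+)-----[ \t]*$")
END = re.compile(r"^[ \t]*-----END PGP ([A-Z ]+)-----[ \t]*$")


def repair_armor(text):
    """Strip blanks around lines inside PGP blocks; drop text outside them."""
    out, state = [], "outside"
    for line in text.splitlines():
        begin, end = BEGIN.match(line), END.match(line)
        if state == "outside":
            if begin:
                signed = begin.group(1) == "SIGNED MESSAGE"
                state = "cleartext" if signed else "armor"
                out.append(line.strip())
            continue                       # extraneous text is discarded
        if state == "cleartext":
            if begin and begin.group(1) == "SIGNATURE":
                state = "armor"
                out.append(line.strip())
            else:
                out.append(line)           # signed text is left untouched
            continue
        out.append(line.strip())           # armor line: remove stray blanks
        if end:
            state = "outside"
    return "\n".join(out) + "\n" if out else ""


def crc24(data):
    """CRC-24 as used for the checksum line of PGP ASCII armor."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor_checksum_ok(block):
    """True if the '=XXXX' line of one armor block matches its data lines."""
    lines = block.splitlines()
    if "" not in lines:                    # blank line ends the armor headers
        return False
    data, checksum = [], None
    for line in lines[lines.index("") + 1:]:
        if END.match(line):
            break
        if line.startswith("="):
            checksum = line[1:]
        else:
            data.append(line)
    if checksum is None:
        return False
    try:
        raw = base64.b64decode("".join(data), validate=True)
        expected = base64.b64decode(checksum, validate=True)
    except ValueError:                     # indented or otherwise damaged data
        return False
    return crc24(raw).to_bytes(3, "big") == expected


def make_armor(payload):
    """Build a constructed sample block (not real PGP data) for the demo."""
    body = base64.b64encode(payload).decode()
    check = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    wrapped = [body[i:i + 64] for i in range(0, len(body), 64)]
    lines = ["-----BEGIN PGP MESSAGE-----", "Version: 2.4", ""]
    lines += wrapped + ["=" + check, "-----END PGP MESSAGE-----"]
    return "\n".join(lines) + "\n"


CLEAN = make_armor(b"constructed sample payload, not a real PGP packet " * 3)
# Simulated damage: mail header text around the block, every line indented.
DAMAGED = ("Subj: test\n\n"
           + "".join("   " + line + "\n" for line in CLEAN.splitlines())
           + "-- trailing text\n")

if __name__ == "__main__":
    print(armor_checksum_ok(DAMAGED), armor_checksum_ok(repair_armor(DAMAGED)))
```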
If the repair effort was not successful, possibly due to additional
formatting errors within the PGP block, use the ^KB and ^KK commands to
mark the PGP message block in the message viewer. Copy this block to the
MAIL.PGP file in the temporary directory specified in OzPKE.CFG, such as
with the macro defined for ^C (see macro definitions), which copies the
block into the OzCIS general editor. Edit the file MAIL.PGP to correct the
formatting errors, press F2 to save it and then Esc to leave the editor.
Now press ^D again. OzCIS will again export the message to MAIL.PGP,
appending the new text to the existing file, and then activate OzPKE.
Since PGP will process multiple messages within an input file, it will
still report the error in the first message, but will then successfully
process the second, corrected one. Due to the automatic recovery process,
just described, OzPKE will still try to repair the defective file and
activate PGP. This may result in several beeps and error messages until
PGP successfully processes the non-corrupted message in the file.
Decrypting Encrypted Files:
---------------------------
OzPKE also handles decryption of received encrypted ASCII or binary files.
Two directories may be specified to receive the ASCII or binary files
following decryption. Attempts to decrypt non-encrypted files yield an
appropriate error message. The decrypted file is automatically named with
the original filename by PGP. When PGP attempts to create the decrypted
file, it checks whether a file of that name already exists and in that
case asks the user whether the file should be overwritten. If the answer
is No, the default, PGP prompts for an alternative filename. After
completion the user is alerted in a message box to the name of the
resulting file and directory.
If the incoming message is an ASCII file, OzPKE recognizes it as such when
the subject line consists of the phrase "Subj: Upload:". If the message
points to a downloaded binary file, the phrase "% Message is Binary"
causes OzPKE to handle the file appropriately.
If the incoming ASCII file does not have a recognized "Subj" line, OzPKE
will process the file as a readable text file. If that is incorrect, press
Ctrl-F instead of Ctrl-D to force OzPKE to process the message as an ASCII
encrypted file. (See macro definitions below.) This procedure will probably
be needed for files received from Internet correspondents or those using
software other than OzCIS.
For alternative PKE programs, the parameter FILEDECODE needs to be set
appropriately in OZPKE.CFG.
Software Requirements:
----------------------
OzPKE was tested with MS-DOS 5.0, OzCIS 2.0b/c, ViaCrypt-PGP 2.4 and PGP
2.3a on 486/33 and 386/33 computers with QEMM 6.02 installed and Lantastic
5.0 loaded. It may well work with earlier or later versions of those
related products, but the author doesn't know that for a fact. If anomalies
are observed when using other computer configurations, please report them to
the author at his CIS address 72407,1054. Files are opened in the
appropriate Share mode, so that operation in a network
environment should present no difficulties.
Since OzPKE operates by invoking your PKE software, you must have your
chosen PKE package installed and working properly before OzPKE can function.
Forum limitations:
------------------
Although it is technically possible to post encrypted messages in a public
forum on CompuServe, this activity is frequently discouraged or outright
forbidden, including signatures on plain-text messages. Two general
principles should be obeyed in this regard:
1. Don't post an encrypted message in any forum that has disabled the
"private message" feature. If they wanted you to have private
side-conversations, they'd enable the forum feature that supports
them.
2. Don't use signatures in public messages unless you see that they're in
common use in that particular forum. In some forums, the sysops and
most of the users regard the extra six or seven lines of hash as a
waste of time--they're not generally going to bother with validating
signatures anyway, and they don't want to pay to download the extra
text. If in doubt, ASK the sysop.
Therefore, by default OzPKE ignores forum message files.
Macros:
-------
The following macros are recommended for smooth operation of OzPKE and
must be carefully entered into OzCIS's macro editor (Configuration/Kbd
Macros) or just use the version supplied in the distribution file. Adjust
the path to MAIL.PGP within the macros as appropriate.
Other activation keys may certainly be used instead of the following
control-key combinations, if desired, but beware of conflicts with normal
keyboard commands. ^ signifies a Ctrl-key combination.
Insert signature trigger: ^S
<Home><Enter>##SIGNATURE##<Enter>
Insert private trigger: ^P
<Home><Enter>##PRIVATE##<Enter>
Decrypt currently displayed message: ^D
<AltM>vtG:\TEMP\MAIL.PGP<Enter><Alt1><Down><Enter>
Force decryption of currently
displayed message as ASCII file: ^F
<AltM>vtG:\TEMP\MAIL.PGP<Enter><Alt1><Down><Down><Down><Down><Down><Enter>
Encrypt outgoing messages in CISMAIL and active forum message files: ^E
<Alt1><Down><Down><Enter>
Add key to PUBRING.PGP: ^X (use when text block not mangled)
<AltM>vtG:\TEMP\MAIL.PGP<Enter><Alt1><Down><Down><Down><Enter>
Add mangled key to PUBRING.PGP: ^W (use when mangled text block has been
corrected in editor)
<Alt1><Down><Down><Down><Enter>
Copy marked block to general editor: ^C
<^J>c<AltO>gG:\TEMP\MAIL.PGP<Enter><^J>p<^K>h
Load decrypted message into Reply editor: ^R
<AltR><^K>rG:\TEMP\MAIL.TXT<Enter><^K>h
Delete MAIL.TXT in temporary directory: ^Z
<Alt1><Down><Down><Down><Down><Enter>
Note: Key codes within brackets <..>, such as <AltM>, are entered in
OzCIS' macro editor by pressing the corresponding key combination. For
<Enter> and <Down> press the Scroll-Lock key first. (Refer to OzCIS
documentation.)
Several macros contain <Down>, which refers to the cursor-down key. This
must match with the associated commands in the External Menu. This is
critical for proper operation of the programs!
External Menu:
--------------
Three external definitions must be entered in the External Menu and must
be sorted into the top positions in this order. THIS IS CRITICAL! Change
paths as appropriate.
1) DOS Gateway -- already defined.
2) Decrypt Received Mail Message:
╔════════════════ Externals Definition ════════════════════╗
║ Title Decrypt Received Mail Message ║
║ Command Line \ozcis\ozpke.exe -d x ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? N ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
If no password to PGP's secret ring has been defined in OZPKE.CFG,
then change the Externals definition as follows:
╔════════════════ Externals Definition ════════════════════╗
║ Title Decrypt Received Mail Message ║
║ Command Line \ozcis\ozpke.exe -d -p ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? Y ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
3) Encrypt Outgoing Messages:
╔════════════════ Externals Definition ════════════════════╗
║ Title Encrypt Outgoing Mail Messages ║
║ Command Line \ozcis\ozpke.exe x ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? N ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
If no password to PGP's secret ring has been defined in OZPKE.CFG,
then change the Externals definition as follows:
╔════════════════ Externals Definition ════════════════════╗
║ Title Encrypt Outgoing Mail Messages ║
║ Command Line \ozcis\ozpke.exe -p ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? Y ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
4) Update PGP Key File: (change paths in NEWPUB.BAT as required)
╔════════════════ Externals Definition ════════════════════╗
║ Title Update PGP Key file ║
║ Command Line \ozcis\newpub.bat ║
║ Use 2nd Cmd Processor? Y Pause after execution? Y ║
║ Prompt for Params? N ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
5) Delete MAIL.TXT in temporary directory:
╔════════════════ Externals Definition ════════════════════╗
║ Title Delete MAIL.TXT ║
║ Command Line del g:\temp\mail.txt ║
║ Use 2nd Cmd Processor? Y Pause after execution? N ║
║ Prompt for Params? N ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
6) Force Decrypt Received File:
╔════════════════ Externals Definition ════════════════════╗
║ Title Decrypt Received File ║
║ Command Line \ozcis\ozpke.exe -d -f ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? N ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
If no password to PGP's secret ring has been defined in OZPKE.CFG,
then change the Externals definition as follows:
╔════════════════ Externals Definition ════════════════════╗
║ Title Decrypt Received File ║
║ Command Line \ozcis\ozpke.exe -d -f -p ║
║ Use 2nd Cmd Processor? N Pause after execution? N ║
║ Prompt for Params? Y ║
║ ║
║ F10-Ok ▄ Cancel ▄ ║
║ ▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀ ║
╚══════════════════════════════════════════════════════════╝
Batch file:
-----------
Place the following batch file as named in the Externals Menu, step 4, into
the OzCIS directory, e.g. NEWPUB.BAT:
@echo off
rem This batch file adds new Public Key to PGP's PUBRING.PGP file.
rem Adapt paths as required.
rem
c:\pgp\pgp.exe -ka g:\temp\mail.pgp c:\pgp\pubring
del g:\temp\mail.pgp
Programming Notes:
------------------
OzPKE was developed using Borland Pascal version 7.0 in conjunction with
the excellent Object Professional library from Turbo Power Software. At
the present time, I have chosen not to include the source code to OzPKE in
the distribution file, but will make it available for a small donation.
The idea for the program came from a similar program for TAPCIS users as
developed by Bob Smart [72027,3210], which he called TAPPKE. I also wish
to thank him for additional suggestions and contributions to this
documentation.
Needless to say, this project would not have been necessary without the
tireless efforts of Steve Sneed in first releasing version 2.0 of OzCIS
and continuing to update it. My express thanks to him for this excellent
program.
Of course, without the availability of such outstanding public-key
encryption software, like ViaCrypt PGP, this project would not have even
been conceived.
Please report problems or bugs in OzPKE to the author via Email to his
CompuServe user number 72407,1054. Please include the version number that
the program displays when it is called without parameters, and describe
the anomaly as succinctly as possible.
The author would also welcome suggestions for enhancements to these
programs.
Errors:
-------
When OzPKE detects an error condition, it displays an appropriate message
in a pop-up box. If PGP returns an errorlevel greater than zero, this is
also reported, including a brief error text. When PGP returns errorlevels
1 or 3 during decryption, OzPKE will make one attempt to correct the
defective message block.
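The repair attempt mentioned above corresponds to the steps listed in the OzPKD history (remove leading blanks within the PGP block, discard extraneous text, call PGP again). The following Python code is an added example, not OzPKE's own code; the function name, the line patterns and the choice to reject a block that contains foreign lines are assumptions, and the final call to PGP is left out.

```python
import re

# Armor delimiters written by PGP 2.x for messages and public keys.
BEGIN = re.compile(r"^-----BEGIN PGP (MESSAGE|PUBLIC KEY BLOCK)-----$")
HEADER = re.compile(r"^[A-Za-z-]+: .*$")          # e.g. "Version: 2.4"
RADIX64 = re.compile(r"^[A-Za-z0-9+/=]{1,76}$")   # body lines and "=xxxx" checksum

# Constructed sample: a mail body whose armor lines were indented in transit.
# The radix-64 lines are filler, not real ciphertext.
SAMPLE = """Subject: test
  -----BEGIN PGP MESSAGE-----
  Version: 2.4

  hIwDAAAAAAAAAAABA/9Zm9vYmFyYmF6cXV1eA
  =AbCd
  -----END PGP MESSAGE-----
Regards, sender
"""

def repair_armor(text):
    """Return the first armored block with leading blanks stripped and
    surrounding text dropped, or None if no well-formed block is found."""
    label, block, in_headers = None, [], True
    for raw in text.splitlines():
        line = raw.strip()                  # step 1: remove leading blanks
        if label is None:
            m = BEGIN.match(line)
            if m:
                label, block = m.group(1), [line]
            continue                        # step 2: drop text before the block
        if line == f"-----END PGP {label}-----":
            block.append(line)
            return "\n".join(block) + "\n"  # text after the block is dropped too
        if in_headers and line == "":
            in_headers = False              # blank line ends the armor headers
        elif in_headers and HEADER.match(line):
            pass
        elif RADIX64.match(line):
            in_headers = False
        else:
            return None                     # foreign text inside the block
        block.append(line)
    return None                             # no block, or BEGIN without END

if __name__ == "__main__":
    print(repair_armor(SAMPLE))
```

Returning None for a truncated or contaminated block keeps the caller from handing PGP a file that was guessed at rather than repaired.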
If Debug mode is enabled, OzPKE will display additional advisory
information and pause for 2 seconds after each activation of PGP. Turn
this off when you are satisfied that PGP and OzPKE function correctly.
Some users have experienced problems with a previous version in that the
environment buffer was inadequate to accommodate their passwords. This can
be overcome by changing the command line for OzPKE in External Menu to the
following:
c:\command.com /e:1024 /c ozpke x
Adjust the location of COMMAND.COM and the environment size as
necessary. This "work-around" should no longer be required with version 1.0c
of OzPKE (or later).
Configuration file:
-------------------
The file OZPKE.CFG must be located in the same directory in which
OZPKE.EXE is located. Lines beginning with a semicolon are treated as
comments. Remove the semicolon to activate a command.
; This is the configuration file for OZPKE and must be in the
; directory where OZPKE is located, usually the OZCIS directory.
; Entries can be either upper or lower case.
;
; PROG is complete path to PGP.EXE or other public key encryptor.
PROG=C:\PGP\PGP.EXE
;
; TEMP points to a temporary working directory, preferably on a RAM disk.
; If not defined here, the environment variables TEMP or TMP will be
; checked for a valid path to a temporary directory. If nothing else is
; defined, temporary files will be stored in PGP's directory.
TEMP=G:\TEMP
;
; OZCIS is the directory where OzCIS' program file and HOST.DB are located.
OZCIS=D:\OZCIS
;
; USER must contain your ID number as stored in SECRING.PGP.
; (This is changed from the user name in previous versions.)
; Example: USER=0x61C7A5
USER=User ID
;
; LIST is complete path to LIST.COM or other file viewer or editor.
LIST=c:\util\list.com
;
; PASS is your password to PGP's secret ring file.
; If not defined, then pass it on command line to OZPKE after "-p".
; Leading/trailing blanks are removed.
;PASS=
;
; PRIV may contain the PGP command string for private message only.
; The default for PGP is internal to program and defaults to:
;PRIV= %i "%a" -u %u -o %o -eat +clearsig=off
;
; where:
; %i is placeholder for filename of input file to encode
; %a is placeholder for name or ID number of addressee
; %u is placeholder for name of user as stored in SECRING.PGP
; %o is placeholder for filename of output file after encoding
;
; Quotes around %a are required!
;
; SIGO may contain the PGP command string for signature only.
; The default for PGP is internal to program and defaults to:
;SIGO= %i -u %u -o %o -sat +clearsig=on
;
; SIGP may contain the PGP command string for signature and private.
; The default for PGP is internal to program and defaults to:
;SIGP= %i "%a" -u %u -o %o -seat +clearsig=off
;
; BINSIG contains command string for binary file attachments,
; signature and private.
; The default for PGP is internal to program and defaults to:
;BINSIG= %i "%a" -u %u -o %o -es
;
; BINPRV contains command string for binary file attachments,
; private message only.
; The default for PGP is internal to program and defaults to:
;BINPRV= %i "%a" -u %u -o %o -e
;
; ASCSIG contains command string for ASCII file attachments,
; signature and private.
; The default for PGP is internal to program and defaults to:
;ASCSIG= %i "%a" -u %u -o %o -sea
;
; ASCPRV contains command string for ASCII file attachments,
; private message only.
; The default for PGP is internal to program and defaults to:
;ASCPRV= %i "%a" -u %u -o %o -ea
;
; DEBUG can be set to 0/1 or N/Y to disable or enable additional messages
; and delays for debugging purposes. Default=N
;DEBUG=N
;
; DECODE contains PGP command for decoding messages.
; The default for PGP is internal to program and defaults to:
;DECODE= %i -o %o
;
; FILEDECODE contains PGP command for decoding files to original name.
; The default for PGP is internal to program and defaults to:
;FILEDECODE=%i -p
;
; FORUM can be set to 0/1 or N/Y to disable or enable processing of
; outgoing forum message files. Default=N
;FORUM=N
;
; BAK can be set to 0/1 or N/Y to disable or enable making a backup of forum
; and CIS message files. Default=Y
;BAK=Y
;
; APPEND can be set to 0/1 or N/Y to disable or enable appending of decoded
; messages to the CISMAIL.MSG file. Default=N.
; Due to problem with OzCIS not reloading CISMAIL.MSG after DOS gateway, this
; command does not yet function correctly. An OzCIS version later than 2.0a
; may support this feature.
;APPEND=N
;
; OUTBOX determines where plain-text copies of outgoing messages are stored
; before encryption.
; OUTBOX can be set to:
; CISMAIL : stores only Cismail messages to CISMAIL.OBS
; FORUM : stores only forum messages to <forum>.OBS
; BOTH : stores both Cismail and forum messages
; NONE : neither.
; Actual name for <forum>.OBS is stored in FORUMS.DB and for CISMAIL.OBS in
; HOST.DB. For a forum in which "Save Outbox Msgs?" is set to "N", the
; forum setting here will be ignored.
; Settings can be abbreviated to just first letter. Default=None.
;OUTBOX=None
;
; Keep plain-text output file from PGP rather than deleting it, so that
; the message can be inserted into OzCIS' reply editor (^KR) for quoting.
; Default=N
;KEEP=N
;
; Upload outgoing PGP ASCII messages as files instead of normal text messages.
; This should only be needed if ASCII text messages are corrupted when
; transmitted normally. Default=N
;UPLASCII=N
;
; Directory in which to store the ASCII PGP files to be uploaded.
UPLPATH=D:\OZCIS\PGP
;
; Directory in which to store the BINARY PGP files to be uploaded.
BINPATH=D:\OZCIS\PGPBIN
;
; Directory in which to store decoded binary PGP files.
BINDEC=D:\OZCIS\BINDEC
;
; Directory in which to store decoded ASCII PGP files.
ASCDEC=D:\OZCIS\ASCDEC
;
; Overwrite (wipe) temporary plain-text files before deleting them.
; Default=N
;WIPE=N
;
; ---- End of OzPKE.CFG ----
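Several of the settings above decide whether the secret-ring password or message plaintext remains on disk (PASS, TEMP, WIPE, KEEP, OUTBOX). The following Python code is an added example, not part of OzPKE: it parses a configuration in the format shown and lists those settings; the function names, the finding texts and the sample configuration are assumptions made for illustration.

```python
# Defaults as stated in the OZPKE.CFG comments above.
DEFAULTS = {"WIPE": "N", "KEEP": "N", "OUTBOX": "NONE"}

# Constructed sample configuration (not a real user's file).
SAMPLE_CFG = r"""
; lower-case keys are accepted
prog=C:\PGP\PGP.EXE
TEMP=G:\TEMP
PASS=  example passphrase
;WIPE=N
KEEP=Y
OUTBOX=B
"""

def parse_cfg(text):
    """Parse OZPKE.CFG text: ';' starts a comment line, keys are case-insensitive."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # Leading/trailing blanks are removed, as the file states for PASS.
        cfg[key.strip().upper()] = value.strip()
    return cfg

def enabled(cfg, key):
    """Interpret a 0/1 or N/Y switch, falling back to the documented default."""
    return cfg.get(key, DEFAULTS[key]).upper() in ("1", "Y")

def audit(cfg):
    """List settings that leave the password or message plaintext on disk."""
    findings = []
    if cfg.get("PASS"):
        findings.append("PASS: secret-ring password is stored in clear text in OZPKE.CFG")
    if "TEMP" not in cfg:
        findings.append("TEMP: unset, work files go to the TEMP/TMP path or PGP's directory")
    if not enabled(cfg, "WIPE"):
        findings.append("WIPE: temporary plain-text files are deleted without overwriting")
    if enabled(cfg, "KEEP"):
        findings.append("KEEP: decrypted MAIL.TXT stays in the temporary directory")
    # OUTBOX values may be abbreviated to the first letter.
    if cfg.get("OUTBOX", DEFAULTS["OUTBOX"]).upper()[:1] in ("C", "F", "B"):
        findings.append("OUTBOX: plain-text copies of outgoing messages are saved")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_cfg(SAMPLE_CFG)):
        print(finding)
```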
OzPKE History:
--------------
Date      Version  Comments
01/12/94  1.2      Revised documentation for ViaCrypt-PGP
12/07/93  1.2      Converted OzPKE & OzPKD to units in common program.
                   Reduced memory footprint during DOS gateway.
                   Trap for empty Outbox filename under host options.
                   Make any missing subdirectories
12/02/93  1.1      Removed check for recipient if signature-only.
                   Check for CIS or Internet address match in pubring entry
                   and skip pick list if match found.
                   Accept multi-line addresses in pubring list.
                   Wipe plain-text message files as appropriate and also
                   OZPKE.SWP if used.
                   Handle ASCII or binary encryption of file attachments.
11/18/93  1.0e     Added switch UPLASCII and UPLPATH in OzPKE.CFG for
                   uploading ASCII PGP messages with protocol for cases
                   when ASCII messages garbled in normal method.
10/28/93  1.0d     Improved error trapping for missing OzPKE.CFG
                   Display appropriate error message from PGP in addition
                   to errorlevel.
                   Increase number of free bytes needed in environment
10/16/93  1.0c     Revised handling of user and recipient names: now passes
                   6-digit ID numbers instead of full names to PGP. Long
                   names would cause overflow of command line to PGP.
                   If environment buffer has insufficient space for password
                   and path to PGP, temporary environment is used.
                   Corrected pathname problems to files like CISMAIL.REP.
                   Debug mode now displays command line to PGP.
10/06/93  1.0b     Additional error trapping during initialization.
09/03/93  1.0a     Initial release.
OzPKD History:
--------------
Date      Version  Comments
12/13/93  1.2      Fixed bug in storing path to PGP in environment.
                   Converted to unit with OzPKE under common program.
                   If PGP returns errorlevel 1 (Invalid File) or 3
                   (Unknown File), try to repair file:
                     1) remove possible leading blanks within PGP block
                     2) discard extraneous text
                     3) call PGP again
                   Make any missing subdirectories
12/01/93  1.1      Wipe plain-text message files as appropriate and also
                   OZPKD.SWP if used.
                   Handle decryption of ASCII or binary files.
10/28/93  1.0b     Increase number of free bytes needed in environment
                   Improve error handling if OzPKE.CFG not found
                   Make certain that MAIL.PGP and MAIL.TXT deleted before
                   exiting back to OzCIS.
                   Add command KEEP in OzPKE.CFG to not delete MAIL.TXT
                   after viewing plain-text output from PGP.
                   Display appropriate error message from PGP in addition
                   to errorlevel.
                   New Macro, ^R, defined to load decrypted message into
                   OzCIS reply editor.
10/16/93  1.0a     If environment buffer has insufficient space for password,
                   temporary environment is used.
                   Corrected pathname problems to files like CISMAIL.REP.
                   Debug mode now displays command line to PGP.
09/03/93  1.0      Initial release.
Suggestions from users:
-----------------------
One user is concerned about the decoded message being left on disk in
a recoverable form. He writes:
"I have worked out a reasonable solution for myself. I set KEEP=Y so
that MAIL.TXT is created when I decrypt. When I decrypt a message,
though, I run the following batch file instead of OzPKD:
@echo off
c:\ozcis2\ozpkd.exe -p %1
cls
be ask "Would you like to reply to this note? " ny DEF=n
if errorlevel 2 goto end
wipefile c:\pgp\temp\mail.txt /g
:end
"After I am done reading a decrypted message, the batch file gives me
the choice of preserving the plaintext for a reply, or wiping it out
immediately. If I choose to retain it, I still must use ^R to invoke
the reply feature. However, I also modified the ^R macro to run
wipefile on MAIL.TXT after it finishes loading it into the OzCIS Reply
Editor. I accomplished this by creating a new external to run the
necessary wipefile command. My ^R macro simply executes this external
after it has finished loading MAIL.TXT into the reply editor. As long
as I use ^D and ^R consistently, one or the other of the two macros will
wipe MAIL.TXT from my hard drive."
Note: Starting with this version of OzPKE, replace the second line in his
batch file with the following command:
c:\ozcis2\ozpke.exe -d -p %1
The same user also thought of a clever way to keep his encrypted outgoing
messages available for review. He writes:
"OZPKE has an option to APPEND an outgoing message to the CISMAIL.MSG
file. As you correctly point out, this doesn't work right now, because
of the way OZCIS handles its buffers when you shell out to DOS (I ran
into this problem months ago with Todd Fiske's OZM). I wanted to point
out, however, that it may not be necessary to have this feature in
OZPKE, unless the user wants to save *plaintext* to the CISMAIL.MSG
file. I set OZCIS to save all outgoing mail to my CISMAIL.MSG file.
This way, the ciphertext gets saved to the message file. If I want to
read messages I sent, I merely decrypt them using ^D. I can decrypt
messages I sent, because I include myself as a recipient of every
message I send. I managed this by putting my ID on the command line
for SIGP and PRIV in OZPKE.CFG. This arrangement gives me greater
security, because plaintext is never stored on the hard drive."
Note: This trick doesn't work quite as expected if UPLASCII=Y since only
the reference to the uploaded message is written to the message file.
====== End of OzPKE documentation =============================