OS/2 Shareware BBS: 5 Edit

home *** CD-ROM | disk | FTP | other *** search

/ OS/2 Shareware BBS: 5 Edit / 05-Edit.zip / gcppgp12.zip / gcppgpfe.zip / GCPPGPFE.Doc < prev next >

Wrap

Text File | 1996-04-21 | 23KB | 468 lines

GCPPGPFE Gibbon Computer Products PGP Front-End Version 1.2 Copyright (c) 1994-1996 by Gibbon Computer Products, Inc. Written by John C. Frickson Sections In This User Manual: Installation Configuring Multiple Versions of EPM Using GCPPGPFE Security Concerns Bug Reports and Comments Frequently Asked Questions Mailing Lists Contact Information Legal Stuff Public Key for John C. Frickson Installation ------------ The distribution file (GCPPGP12.ZIP) includes an inner zip file called GCPPGPFE.ZIP and a signature file called GCPPGPFE.sig. You can verify the authenticiy by using the command: "pgp GCPPGPFE.sig gcppgpfe.zip" Unzip the GCPPGPFE.ZIP file into a temporary directory. The source code for the front end and several precompiled macros will be extracted: GCPPGPFE.E E Source code GCPPGPFE.551 Macro compiled for EPM version 5.51a GCPPGPFE.600 Macro compiled for EPM version 6.00c GCPPGPFE.602 Macro compiled for EPM version 6.02 GCPPGPFE.603 Macro compiled for EPM version 6.03 GCPPGPFE.DOC This file Rename the appropriate macro to GCPPGPFE.EX. For example, if you are using the version of EPM that comes with OS/2 2.11 or Warp, you would: REN GCPPGPFE.551 GCPPGPFE.EX Put the GCPPGPFE.EX file in a directory specified in either EPMPATH or PATH. These paths are where EPM looks for PROFILE.ERX (described below) and *.EX files. Most *.EX files are in the \OS2\APPS directory. Configuring ----------- GCP PGP Front-End requires that the PGPPATH environment variable is set. This points to the directory that contain your keyrings, RANDSEED.BIN and CONFIG.TXT. The MYNAME, TMP, PUBRING, SECRING and RANDSEED settings in CONFIG.TXT will be used if they are set. Also, the PGPPASS environment variable will be used for your passphrase if it is set. Starting with the 2.6.2 version of PGP, the configuration file can be config.txt, pgp.ini, or .pgprc so the GCP PGP Front-End will look for each file. Make sure NR/2, PMMail, or any other applications are set up to use the EPM editor. In NR/2, this is done by selecting then "Configure" menu on the main menu bar, and the "Editor..." menu item, or by pressing CTRL+SHIFT+D. A dialog box will come up where you can enter the editor name and arguments. Specify "x:\OS2\APPS\EPM.EXE" for the editory name where x: is your boot drive. In the "arguments" entry field, enter "%/M". Now, you need to tell EPM about GCPPGPFE. There are three ways to do this. I call these three ways the "On the Fly", "Automatic", and "Linked In" methods. On the Fly: You would use this method to test GCPPGPFE, or if you didn't want it always available. To do this, whenever you want to use PGP from within the EPM editor, bring up the "Command Dialog" by pressing CTRL+I. Then enter the command "LINK GCPPGPFE". The PGP menu will appear on the menu bar, and you can do whatever it is you want. Automatic: The EPM editor is highly customizable. One of the ways it can be customized without having to recompile the EPM.EX file, is to use a Profile. The profile must be named "PROFILE.ERX" and be in a directory specified by either EPMPATH or PATH such as the \OS2\APPS directory. This is actually a REXX script with access to certain EPM variables and functions. For our purposes, a very simple file can be created that looks like this: /* PROFILE.ERX - REXX needs a comment on the first line */ 'LINK GCPPGPFE' That's all there is to it -- only two lines. But we're not quite done yet. EPM doesn't automatically check for a profile. For EPM version 5.51a: Start EPM and bring up the "Command Dialog" (press CTRL+I) and enter "profile on". Then select the "Save Options" menu item on the "Options" menu. Exit EPM and restart it. It should now read your profile and link in GCPPGPFE, making the PGP menu available. For EPM version 6.x: Start EPM and bring up the Settings notebook (File -> Settings...) On the "Misc" page check the "Rexx profile" checkbox. Make sure the "Save settings" checkbox at the bottom of the notebook is checked. Then close the Settings notebook. Exit EPM and restart it. It should now read your profile and link in GCPPGPFE, making the PGP menu available. Linked In: GCPPGPFE can be built into the EPM.EX file, which is the controlling file for EPM. To do this, you need the EPM toolkit (available from software.watson.ibm.com or ftp.cdrom.com). Put GCPPGPFE.E into the directory where the *.E files are. Add a line to MYCNF.E or MYSTUFF.E that reads tryinclude 'gcppgpfe.e' Now recreate EPM.EX by issue the command "ETPM EPM". Copy the resulting EPM.EX file to \OS2\APPS and you're done. Due to limitations in EPM versions prior to 6.x, this WILL NOT work. The "Linked In" approach will only work with EPM 6.x. NOTE: If you use the "Automatic" approach and use LaMail for email, you will need to turn "profile on" twice. Once for the usual EPM, and a second time for LAMail. LAMail has its own configuration for EPM, so you need to turn "profile on" there, as well. Just view or create a note. That will bring up the EPM editor under LAMails control. Bring up the "Command Dialog" and enter the "profile on" command. Multiple Versions of EPM ------------------------ If you have more than one version of EPM, for example 5.51a that comes with Warp, and 6.03, you need to make some special arrangements. You can either use the "Linked In" method described above, or you can include multiple versions of this front end in PROFILE.ERX, and give them unique names. For example, my PROFILE.ERX looks like this: /* */ 'link gcppgpf5' 'link gcppgpf6' This way, EPM attempts to link both macros. You will usually get a message about an invalid EX file when EPM tries to link the _other_ macro. But the one that corresponds to the version of EPM being run will link successfully. This is especially handy if you use EPM 6.03 for most things, but need to use EPM 5.51a in conjunction with LaMail. Using GCPPGPFE -------------- Once you have THE GCP PGP Front-End installed into EPM using one of the three methods described above, you will see a "PGP menu on the menu bar just before the "Help" menu. This menu is your interface to PGP. Since this is a non-interactive interface, there are some things that cannot be done. A prime example of this is encryption and signature checking. These functions can only operate against a public key in PUBRING.PGP. If you want to use a key in another keyring, it currently cannot be done. The menu items and their functions are described next. Encrypt or Sign -> This is a sub-menu for encryption and signing functions Encrypt This will encrypt the selected text and REPLACE it in the document (PGP -e) Sign Text This will sign the selected text, and insert the signature and the "Begin" and "End" delimeters into the document. DO NOT MODIFY TEXT BETWEEN THE DELIMETERS OR A SIGNATURE CHECK WILL FAIL! (PGP -s) Encrypt and Sign This will sign the selected text, encrypt it, and REPLACE it in the document (PGP -se) Conventional Encryption This will encrypt the selected text using conventional encryption and REPLACE it in the document (PGP -c) Include Key or Fingerprint-> This is a sub-menu for extracting keys or fingerprints to include. Include Public Key This will extract a public key from the currently selected public key ring, and insert it into the document at the current cursor position (PGP -kx) Include key Fingerprint This will extract a fingerprint from the currently selected public key ring, and insert it into the document at the current cursor position (PGP -kvc) Decrypt Message This will decrypt an encrypted message and display the plain text in a separate EPM window. Check Signature This will check a PGP signed message for a valid signature. The signer's public key MUST be in PUBRING.PGP or the check will fail. Change Defaults This allows you to change the default settings for ASCII Armor, Text mode, Clearsig, and Language=en. GCP PGP Front-End sets these to "ON" by default. If, for some strange reason, you want any of these switches off, this will do it. NOTE: Turning these switches off only means that GCP PGP Front-End will not set them "ON". Turning these off will cause PGP to use the settings you have in CONFIG.TXT. Clear Password This will remove the passphrase used to access your secret keyring from memory. It is a good idea to do this if you are going to be away from your computer while EPM or LAMail are running. Select Keyrings -> This is a sub-menu for selecting keyrings. IMPORTANT NOTE: Selecting a different keyring will NOT make that keyring the default in all cases, such as signature checking and encryption! Secret Keyring This will let you change which secret keyring will be used for various operations. The default is SECRING.PGP. Public Keyring This will let you change which public keyring will be used for various operations. The default is PUBRING.PGP. View Keyring -> This is a sub-menu for operations involving the listing of information from your keyrings. NOTE: The public key ring or secret key ring used by these functions CAN be changed using the "Select Keyrings" menu. Pubring Normal This will list selected keys from the currently active public key ring. (PGP -kv) Pubring Verbose This will list selected keys and signatures from the currently active public key ring. (PGP -kvv) Pubring Trust/Validity This will list selected keys from the currently active public key ring, and also display the trust and validity for each key. (PGP -kc) Pubring Fingerprint This will list selected key fingerprints from the currently active public key ring. (PGP -kvc) Secring Normal This will list selected keys from the currently active secret key ring. (PGP -kv) Secring Verbose This will list selected keys and signatures from the currently active secret key ring. (PGP -kvv) Secring Fingerprint This will list selected key fingerprints from the currently active secret key ring. (PGP -kvc) Key Management -> This is a sub-menu for key management operations. NOTE: The public key ring or secret key ring used by these functions CAN be changed using the "Select Keyrings" menu. Add Key to Pubring This will add any public keys in the current document to PUBRING.PGP, or the currently selected public keyring. (PGP -ka) NOTE: If any keys on your keyring have older signatures (identified as "malformed or obsolete" when you do a PGP -kc), these WILL BE DELETED when you add new keys or signatures!! The rest of the menu items under Key Management all start with (S). This indicates that these commands are invoked using an OS/2 Shell. When selected, an OS/2 Window will be displayed and you can interact with PGP. You could just as easily run these functions yourself from an OS/2 Window, since they have no effect whatsoever on any document being edited or displayed in an EPM window, but I included them here for convenience and completeness. HELP -> This is the Help sub-menu PGP Help This will invoke PGP with the -h option, and display the results in an EPM window About Gibbon PGP This will bring up an "About" dialog box Security Concerns ----------------- There are a few security issues here that should be addressed. 1) GCP PGP Front-End makes use of temporary files for processing. These files are deleted, but can be recovered. If you want to make sure noone is able to read your mail, you probably want to set up a VDISK and point the TMP variable to the VDISK. 2) If GCP PGP Front-End needs your pass phrase, it asks for it in a dialog box. The pass phrase is entered IN THE CLEAR in an entry field. I have been unable to find any way to make an entry field put up by an E function in EPM to be either non-display or to show asterisks. Make sure NOONE is watching when you enter your passphrase. An alternative is to set the PGPPASS environment variable, but that's not very secure, either. With release 1.1, this is only a problem in EPM 5.51a. The macros for EPM 6.x can set the input dialog to display asterisks ('*') when you enter the passphrase. 3) OS/2 memory management will swap memory out to disk to make more room. That means that even if you set up a VDISK and clear the passphrase after each use, there is still a vulnerability. Bug Reports and Comments ------------------------ If you run across any bugs, or have comments or requests, send them to me at support@gibbon.com. All mail will be replied to. Bug reports are encouraged. How can I fix it if I don't know it's broke? Any comments or requests for features or functionality are also encouraged. How can I make it work better if I don't know what you want? Frequently Asked Questions -------------------------- FAQs that cover questions and problems that arise can be found at http://www.gibbon.com/faq and at ftp://ftp.gibbon.com/pub/gcp/faq. If you have a problem or question, please check for a FAQ answer before you contact Gibbon Computer Products, Inc. for support. Mailing Lists ------------- There are two mailing lists you can subscribe to. The gibbon_announce mailing list is used by Gibbon Computer Products, Inc. for official announcements. This includes announcements of new sofware packages, beta test programs, bugs, etc. You can subscribe to this list by sending email to gibbon_announce-request@gibbon.com and put the word "subscribe" (without the quotes) in the body of the message, or sending email to marjodomo@gibbon.com and put the words "subscribe gibbon_announce" in the body of the message. The gibbon mailing list is an open, unmoderated list. This can be used for people to ask questions, report bugs, help each other with problems, complain about GCP products, praise GCP products, just about anything. The only requirement is that the post should somehow relate to Gibbon Computer Products, Inc., GCP software, GCP facilities, or GCP personnel. You can subscribe to this list by sending email to gibbon_announce-request@gibbon.com and put the word "subscribe" (without the quotes) in the body of the message, or sending email to marjodomo@gibbon.com and put the words "subscribe gibbon_announce" in the body of the message. Contact Information ------------------- EMail: support@gibbon.com frickson@gibbon.com Postal Mail: Gibbon Computer Products, Inc. 9864 Palm St. NW Coon Rapids, MN 55433 Telephone: +1 612 754 6557 Finger: support@gibbon.com info@gibbon.com frickson@gibbon.com frickson@guenon.gibbon.com Talk: frickson@gibbon.com frickson@guenon.gibbon.com Information about other GCP products can be obtained as follows: FTP: ftp://ftp.gibbon.com/pub/gcp/catalog WWW: http://www.gibbon.com/catalog/ Two mailing lists are also available. Legal Stuff ----------- Copyright and License This document (GCPPGPFE.DOC), the program files GCPPGPFE.* and the source file (GCPPGPFE.E) ("the software") are copyrighted by the author. The copyright owner hereby licenses you to use the sofware given these restrictions: 1) Changes may be made to the software for your own use. These changes may not be redistributed as a package to any other party. No other changes may be made to the software or the documentation. 2) The software package must be distributed in its entirety. The package includes: GCPPGPFE.551, GCPPGPFE.600, GCPPGPFE.602, GCPPGPFE.603, GCPPGPFE.DOC, GCPPGPFE.E and CHANGES. 3) No fee or charge is to be collected for distribution in excess of $5.00US to cover the costs of materials, handling, postage, and general overhead without express written permission from the author. WARRANTY DISCLAIMER Gibbon Computer Products makes no warranty of any kind, either express or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose, with respect to this software and accompanying documentation. IN NO EVENT SHALL GIBBON COMPUTER PRODUCTS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, INDIRECT OR SIMILAR DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OF, MISUSE OF OR INABILITY TO USE THIS PROGRAM, EVEN IF GIBBON COMPUTER PRODUCTS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Public Key for John C. Frickson ------------------------------- You should verify the public key below by getting a copy from a different source. It is available from my site at: ftp://ftp.gibbon.com/pub/gcp/gcp_public_key http://www.gibbon.com/links/gcp_public_key.html It is also available from the PGP keyservers. PGP Public Key Fingerprint: Type bits/keyID Date User ID pub 1024/CF1FE4E5 1994/06/10 John C. Frickson <frickson@gibbon.com> Key fingerprint = FD 74 3D 4E 20 9D FC 26 37 19 05 C7 B5 2B 36 E9 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAi33vzEAAAEEAO3cXvFXAOuNL9gooWG9m1et+L+BfZFDGJdjcDPDzChLToum prA4ONeItXv+FKPa0hM4laOybCtgnIEKqotNwbbSzriZBs+08wJUgLVFdsaNmzJ5 X5YcWErzFzfSURK1BvXgR6wq/AJnFwazIMyZj79zdOfrgFGeqJUDRRPPH+TlAAUT tCZKb2huIEMuIEZyaWNrc29uIDxmcmlja3NvbkBnaWJib24uY29tPokAlQMFEC7x t4Zqg0EULITUtQEBuHQD/RuA7BdcT8jqQH2cJi+txmC1TyrUe8MEl3/3iNfJQgWp 1g6dpP/vVrEwZ/6tpizTXCe7Q7sU97857h8iFyBr9bAAQb0DEjgKPg+drX/BrnYN BuYTZ9EMWpD6V1hSXGER5JSQv6oZ8GRyJicg1PyQR+DzMt2uguT7Qu0EaqcNUoAF iQCVAwUQLw3BRGV5hLjHqWbdAQH1nAP9FBY77RtF7D5xG/bnXvqbherBBKSJcMBs g+RTEt9shPQE1KYS3KwIXG8Jk6KuxljgAofnhxb4J4KcmOWlLoGHxhWmhXxuaE1b tKcjNjNyuV0gnlUb2ZPPXIiCy2Ln03i2vT1dZ/WMdsvdLfZU4upFzLwUjphFdrpE n9UoplmLxaiJAJUCBRAuAdFqLT/deqWC+7sBAXoKA/92qwzgiBbjjSyAvfWdS6Re eRvg4YL6nZcuDh4pD/zoXPZjoGCMjU6hr08G2Xwq6KXRXXauxFgFzwGiCBDHETx1 RJoQyxWKzAK3zzPpvBfkjBhYsi0+4QhRjIixkP+1UJL65Bs7+Eeivk7Xsz7HTkL3 t1cCTPb0+Cwrzshs9bdc7IkAlQIFEC33v6OVA0UTzx/k5QEBAF8D/ijmsHap6MlT V9XMO4WxGWUWt1pPucS5AV55bqx2YzCE/90F9rJFohcajfkkDyqYPMWisDlf8i5/ R81bb4Fw75OCfHvobKBBfNcCuCpdISz/Dpo617wfDn725CVGXOHQWixjhv2Jp2i9 8KxrQmOmar2Tzz6XXe0YXehiHQKh4HND =pxqc -----END PGP PUBLIC KEY BLOCK-----