pgp

Github supports signing commits with a PGP key. We have an open source project, that accepts contributors from people without PGP keys. Security is essential for us, and so we decided that each person who merges pull requests will sign the merges with his PGP key, and so each actual commit will either be directly signed by the author, and/or by the merger. What is the best way to setup a continous integration build that makes sure this actually happens? We want the build to fail, alarms to go off, and possibly the commit/merge reverted, if anyone commits or merges code into the main repo,

Is there any Python API which can fetch a PGP public key from the public key server? You can use HTTP (urllib2 and beautiful soup would be my choice) if you're querying the MIT PGP keyserver. http://pgp.mit.edu/extracthelp.html 来源： https://stackoverflow.com/questions/1254425/python-api-to-fetch-pgp-public-key-from-key-server

I'm currently working on openpgp in combination with golang. I use the following code to generate a new keypair and create a self-signature on the resulting public key: package main import ( "bytes" "crypto" "time" "golang.org/x/crypto/openpgp" "golang.org/x/crypto/openpgp/armor" "golang.org/x/crypto/openpgp/packet" "fmt" ) //Create ASscii Armor from openpgp.Entity func PubEntToAsciiArmor(pubEnt *openpgp.Entity) (asciiEntity string) { gotWriter := bytes.NewBuffer(nil) wr, errEncode := armor.Encode(gotWriter, openpgp.PublicKeyType, nil) if errEncode != nil { fmt.Println("Encoding Armor ",

We use the Bouncy.Castle C# API to do PGP encryption. I am by no means an expert on PGP encryption and the various options available. The encryption seems to run fine, however, when the client tries to decrypt it, he says that PGP won't output to file but only output to screen because it is marked "For your eyes only." This is the --verbose message: pgp --decrypt Client_FileExport_20110510_020011.zip.pgp Client_FileExport_20110511_132203.zip.pgp --info verbose McAfee E-Business Server v8.5 - Full License (c) 1991-2006 McAfee, Inc. All Rights Reserved. Setting temporary directory to C:\DOCUME~1

I want to develop a small OpenPGP client and I'm searching for a Java library for OpenPGP. Are there any (open source) recommendations for this approach? Cryptix.org does not seem alive anymore... guerda I found the BouncyCastle library, for Java and C#. I haven't any experiences with it. I will try it and report here. It provides: A lightweight cryptography API for Java and C#. A provider for the Java Cryptography Extension and the Java Cryptography Architecture. A clean room implementation of the JCE 1.2.1. A library for reading and writing encoded ASN.1 objects. A light weight client-side

I am trying to decrypt messages using pyme (a python wrapper from gpgme). It works fine if I type in the password when it prompts but I cannot get the passphrase callback to work. Here is the code import pyme.core def Callback( x, y, z ): print 'in passphrase callback' return 'passphrase' plain = pyme.core.Data() cipher = pyme.core.Data(sys.stdin.read()) c = pyme.core.Context() c.set_armor(1) c.set_passphrase_cb(Callback) c.op_decrypt( cipher, plain ) plain.seek(0,0) print plain.read() When I run this and don't provide the password interactively the program then tries the Callback printing 'in

All i need to do is verify the message below but I can not get Bouncy Castle to take the data in and given the public key verify the message. I am happy for it to be some other Lib that is used if it is free. This is to be embedded in my app that receives data over the Internet so i would prefer to keep it all managed code if at all possible. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCI Version: 1.0 SCI Code: 1 SCI Reason: OK SCI Balance: 0.00050000 -----BEGIN PGP SIGNATURE----- Version: GnuPG/MBC v1.0 iQEcBAEBAgAGBQJOGSuYAAoJEJ+5g06lAnqFkdsH/0NoqQbNvR8ZPe8D4gL4gvff 6K1t2LOt0sQGj