[Gpg4win-devel] Progress on PGP/MIME

Werner Koch wk at gnupg.org
Sat Sep 8 14:30:17 CEST 2007


Hi!

This is a heads up on some progress I made in having Outlook create
PGP/MIME signed messages as well as PGP/MIME encrypted messages.  GpgOL
is able to read such messages for quite some time now.  With this last
hack it will be fully PGP/MIME (RFC3156) compliant.

I finished the framework code today and though there is no actual
encryption or signing yet in the code, the MIME structure is in place
and dummy messages have been successfully sent.  The actual crypto stuff
will be implemented in the next week so that at this time brave hackers
may use an alpha version of gpgol.dll to check out this new feature.

I have tested the creation code with OL2003 running on XPPro as well as
with OL2007 running on Vista.  What I don't know is how it will work in
an Exchange environment.  If someone wants to test this right now, I have
made a testing version available:

  ftp://g10code.com/g10code/scratch/gpgol.dll-alpha-svn175
  ftp://g10code.com/g10code/scratch/gpgol.dll-alpha-svn175.sig

WARNING: This is really really a testing version.  Do not use it in a
production environment.  Because gpgol.dll modifies the message class of
S/MIME messages you should MAKE SURE THAT YOU DO NOT RECEIVE ANY S/MIME
MESSAGE WHILE GPGOL IS INSTALLED - THEY WON'T BE READABLE ANYMORE.  You
have been warned.  Rename it to gpgol.dll and copy it over an old
gpgol.dll.  Note that sign+encrypt does not yet work, verification and
decryption are probably also broken.  The source is at
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/?root=GpgOL&rev=175

To check whether the code works, you need to look at the MIME structure
on the receiving site (which should not be some standard RFC822 aware
MUA).  A signed mail (w/o attachments) should look like this (I removed
all top headers except for Content-Type):

    Content-Type: multipart/signed;
    	protocol="application/pgp-signature";
    	boundary="=-=o7UD3FMWOR04T9=-="
    
    Dies ist eine mehrteilige Nachricht im MIME-Format.
    
    --=-=o7UD3FMWOR04T9=-=
    Content-Type: text/plain;
    	charset="us-ascii"
    Content-Transfer-Encoding: 7bit
    
    This mail ist signed
    
    
    
    --=-=o7UD3FMWOR04T9=-=
    Content-Transfer-Encoding: 7bit
    Content-Type: application/pgp-signature
    
    --=-=@SIGNATURE@
    
    
    --=-=o7UD3FMWOR04T9=-=--
    

The "--=-=@SIGNATURE@" string will later be replaced by the actual
signature.  Here is an encrypted message with a body and an attachment:


    Content-Type: multipart/encrypted;
    	protocol="application/pgp-encrypted";
    	boundary="=-=l1PPQ8d7SoCPH0=-="
    
    Dies ist eine mehrteilige Nachricht im MIME-Format.
    
    --=-=l1PPQ8d7SoCPH0=-=
    Content-Transfer-Encoding: 7bit
    Content-Type: application/pgp-encrypted
    
    Version: 1
    
    --=-=l1PPQ8d7SoCPH0=-=
    Content-Transfer-Encoding: 7bit
    Content-Type: application/octet-stream
    
     ENCRYPTEDDATA Follows:
    
  
   &Content-Type: multipart/mixed;
   &	boundary="=-=cJHpiM7bjDv2vH=-="
   &
   &
   &--=-=cJHpiM7bjDv2vH=-=
   &Content-Type: text/plain;
   &	charset="utf-8"
   &Content-Transfer-Encoding: quoted-printable
   &
   &This is the Body
   &
   &--=20
   &with a signature
   &
   &--=-=cJHpiM7bjDv2vH=-=
   &Content-Type: application/octet-stream;
   &	name="blabla"
   &Content-Transfer-Encoding: base64
   &Content-Disposition: attachment;
   &	filename="blabla"
   &
   &[Base64 encoded data]
   &
   &--=-=cJHpiM7bjDv2vH=-=--
   
    --=-=l1PPQ8d7SoCPH0=-=--
  

The lines marked with & indicate the part which will later be
encrypted.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
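
The structure check described in the post, as an added Python example (not code from the post or from GpgOL): it parses a received message and reports where the layout departs from the two RFC 3156 containers shown above. The function name and the sample message are constructed for illustration, and the micalg check goes beyond what the post shows and follows RFC 3156.

```python
from email import message_from_string

# check_pgp_mime is an illustrative helper name, not part of GpgOL.
def check_pgp_mime(raw):
    """Return a list of RFC 3156 structure problems; an empty list means OK."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    proto = str(msg.get_param("protocol") or "").lower()
    parts = msg.get_payload() if msg.is_multipart() else []
    kinds = [p.get_content_type() for p in parts]
    problems = []
    if len(parts) != 2:
        problems.append("expected exactly 2 body parts, found %d" % len(parts))
    if ctype == "multipart/signed":
        if proto != "application/pgp-signature":
            problems.append("protocol is not application/pgp-signature")
        if not str(msg.get_param("micalg") or "").lower().startswith("pgp-"):
            problems.append("micalg parameter missing or not pgp-<hash>")
        if kinds[1:2] != ["application/pgp-signature"]:
            problems.append("second part is not application/pgp-signature")
    elif ctype == "multipart/encrypted":
        if proto != "application/pgp-encrypted":
            problems.append("protocol is not application/pgp-encrypted")
        if kinds[0:1] != ["application/pgp-encrypted"]:
            problems.append("first part is not application/pgp-encrypted")
        elif parts[0].get_payload().strip() != "Version: 1":
            problems.append("control part does not contain 'Version: 1'")
        if kinds[1:2] != ["application/octet-stream"]:
            problems.append("second part is not application/octet-stream")
    else:
        problems.append("top level is %s, not a PGP/MIME container" % ctype)
    return problems

# Constructed sample modelled on the signed message in the post (micalg added).
SIGNED_SAMPLE = """\
Content-Type: multipart/signed; micalg=pgp-sha1;
\tprotocol="application/pgp-signature";
\tboundary="=-=EXAMPLEBOUNDARY=-="

--=-=EXAMPLEBOUNDARY=-=
Content-Type: text/plain; charset="us-ascii"

This mail is signed

--=-=EXAMPLEBOUNDARY=-=
Content-Type: application/pgp-signature

[placeholder for the detached OpenPGP signature]
--=-=EXAMPLEBOUNDARY=-=--
"""
```

Calling `check_pgp_mime(SIGNED_SAMPLE)` returns an empty list; feed it the raw source of a message received from the alpha build to see which of the checks it fails.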