IBM AIX Implementation of OpenPGP message format

A command line tool for exploiting security services provided by OpenPGP message format using the IBM cryptographic library.

Date Posted: October 18, 2007

Overview Requirements Download FAQs Forum Reviews 1. What is OpenPGP ? 2. Where should I start? 3. What can I do with the generated key-pair? 4. How does the tool encrypt data? 5. Can I use the tool to decrypt or verify an OpenPGP message that was encrypted or signed by another type of PGP software? 6. Does the tool has all the features mentioned in RFC 2440? 7. Can I get rid of old or unwanted keys? 8. After I delete my private or public key, will I be able to generate the same key? 9. I am not able to decrypt the data properly; what is the reason? 1. What is OpenPGP ? OpenPGP is a protocol for providing security services. It is a standard described by RFC (Requests For Comments) 2440. OpenPGP is also known as PGP (pretty good privacy). For more information on OpenPGP, please refer to Wikipedia's "Pretty Good Privacy" entry and to this document about OpenPGP. Back to top 2. Where should I start? The first place you should begin is with your own key-pair generation. This will help you further in performing operations such as encryption/decryption, signing, and verification. Please read the "ReadMe" file for more detailed information and examples of using IBM® AIX® Implementation of OpenPGP message format. Back to top 3. What can I do with the generated key-pair? The generated key pair will have a public key and secret/private key. A public key is the one that can be distributed to others (using the exportkey operation) so that they can encrypt data for you and verify the data signed by you. The private key should be preserved with you only. Back to top 4. How does the tool encrypt data? This tool first creates a random session key. Using this key, it encrypts the data. Later on it encrypts the key itself, either with the recipient's public key or a symmetric key. All this is clubbed together to form an OpenPGP message. Back to top 5. Can I use the tool to decrypt or verify an OpenPGP message that was encrypted or signed by another type of PGP software? Yes. The tool adheres to RFC 2440, so it is interoperable with other PGP software implementing RFC 2440. Back to top 6. Does the tool has all the features mentioned in RFC 2440? The current version (1.0) does not have all the features of RFC 2440. For further details on support and limitations, please see the "ReadMe" file. Back to top 7. Can I get rid of old or unwanted keys? The tool provides basic key management facility for adding, deleting, and listing the keys. Back to top 8. After I delete my private or public key, will I be able to generate the same key? Its not possible to have the same key generated again. All the keys generated are unique. Back to top 9. I am not able to decrypt the data properly; what is the reason? Please ensure that you are using proper keys and that the data you are handling is not corrupted. IBM and AIX are trademarks of IBM Corporation in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. Back to top