I had a few request to look into the PGP library I released for ColdFusion and Railo last year. It took me a while to understand my own code, then, a while longer to implement the features that I wanted to add ;o)
The main add on this time is the ability to create single pass signed files. This allows you to create a file where you are assured that only the authorized receiver can read them, while the receiver is assured that the sender is authentic as well. Yep, I know sound like cold-war stuff, but it is quite common scenario in financial exchanges to assure both sides that everything is the way it should be.
To a lesser level some other additions and bug fixes were completed as well.
All this, as usual is open source.
You can download code, examples, and implementation from here:
http://pgp.riaforge.org
Best,
B.
The main add on this time is the ability to create single pass signed files. This allows you to create a file where you are assured that only the authorized receiver can read them, while the receiver is assured that the sender is authentic as well. Yep, I know sound like cold-war stuff, but it is quite common scenario in financial exchanges to assure both sides that everything is the way it should be.
To a lesser level some other additions and bug fixes were completed as well.
All this, as usual is open source.
You can download code, examples, and implementation from here:
http://pgp.riaforge.org
Best,
B.
2 comments:
Hi Bilal,
I was hoping you could help me to migrate to using your cfc. I have been using com (nsdpgp3.dll) and PGP Desktop for years to simply decrypt files on my cf server.
I have always had trouble understanding how to add new keys/keyrings and portability has always been an issue for me with the PGP Desktop software so I needed to move over to another simpler platform.
For the last 2 days, I've been trying to get the BonCode PGP library to work for me and I need some help.
Essentially, I have performed the following steps.
First) Made sure the examples of decrypting are working to make sure the environment is set up correctly and they are. Then I:
1) exported my key pair (public and private) out of PGP Desktop
2) Separated the keys into separate files called Public_1.asc and Private_1.asc and placed them in the BonCodePGP\keys folder.
3) Try and decrypt the file and I get an "Error Occured
File could not be decrypted, please check your private key pass phrase. " error.
3) After that I'm stuck so I tried doing the following other things.
a) Encrypt a file using my Private_1.asc key and
b) Decrypt that same file and that worked.
The only difference is that the pgp file I'm trying to decrypt was created by a different machine.
Interestingly enough I was able to add a new key and decrypt the file using only PGP Desktop very easily.
Other questions that loom are: a) If i create a new key using BonCode, how to I modify the passphrase away from the default. I don't really see a way of doing that.
I thank you many times in advance.
@Eric:
Eric PGP Desktop and BonCode PGP serve different audiences. The connector is meant for scripted system to system exchanges of messages and automation of processes, the Desktop is meant for single user to exchange documents and messages. As such it is expected that you will write code to make use of the BonCode PGP library.
You, can however, exchange keys between them and it should work. E.g. you can generate the keys to use for BonCode using the PGP desktop if this is more convenient and vice versa.
If understand this correctly you have not looked into the library component but derived capability from the sample implementation. The example only shows you a small piece of options; please review the PGPController.cfc for the full range of arguments and functions you can call. This also shows how to set different secret key passwords.
If you have any issues with coding the calls, you can contact me via project home: pgp.riaforge.org.
A good primer and more background on PGP: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Post a Comment