Re: popularity-contest and gpg

Thu, 27 Mar 2025 15:46:26 -0700 

On Fri, Mar 28, 2025 at 12:44:47AM +0200, Peter Pentchev wrote:
> On Thu, Mar 27, 2025 at 10:46:23PM +0100, Bill Allombert wrote:
> > On Thu, Mar 27, 2025 at 11:22:50PM +0200, Peter Pentchev wrote:
> > > > I am among the people who have moved towards the Sequoia family of
> > > > cryptographic tools; in particular, sqop (a Sequoia implementation of
> > > > the SOP command-line interface) seems to work:
> > > > 
> > > >     [roam@straylight ~]$ echo canttouchthis | sqop encrypt 
> > > > /usr/share/popularity-contest/debian-popcon.gpg | pgpdump
> > > >     New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
> > > >             New version(3)
> > > >             Key ID - 0x4E9024B327CBD937
> > > >             Pub alg - RSA Encrypt or Sign(pub 1)
> > > >             RSA m^e mod n(4095 bits) - ...
> > > >                     -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 
> > > > block type 02
> > > >     New: Symmetrically Encrypted and MDC Packet(tag 18)(63 bytes)
> > > >             Ver 1
> > > >             Encrypted data [sym alg is specified in pub-key encrypted 
> > > > session key]
> > > >                     (plain text + MDC SHA1(20 bytes))
> > > >     [roam@straylight ~]$
> > > > 
> > > > Hope that helps!
> > > 
> > > Sent too fast. What I really intended to suggest was to support any SOP
> > > implementation (the command-line interface is the same, that's the point) 
> > > and
> > > possibly prefer one as default. See e.g. dpkg-buildpackage for
> > > an example (and a great big thanks, Guillem! the SOP support there made
> > > unattended automated signing much easier!).
> > 
> > Could you provide a patch for supporting that ?
> > (the file is /etc/cron.daily/popularity-contest)
> 
> Here you go. Let me know if you'd like me to rename the variables to
> uppercase, change the indentation, or change anything else to make it
> easier for you to review.
> 
> (the patch itself is much clearer if you apply it and then run
>  `diff -b` against the original)

Also, let me know if you'd like me to add support for specifying
the program and the mode (gnupg or sop) in the configuration settings.

G'luck,
Peter

-- 
Peter Pentchev  r...@ringlet.net r...@debian.org pe...@morpheusly.com
PGP key:        https://www.ringlet.net/roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13

Attachment: signature.asc
Description: PGP signature

Reply via email to