O.K. to use passphrase and sign you use the -s option, but you have to specify which key to use. Either using -signers-key-alias parameter or by having "signers_KEY_ALIAS" defined in the configuration file.
With the -s it should not sign the contents. On Thu, 22 Apr 2021 14:42:31 -0500, John S. Giltner, Jr. <[email protected]> wrote: >I looked at the Red Book. Does not really describe how to use pass phrase >with a signed key, it just says you can do it and it's optional. > >The examples I found for using pass phrase look just like your job. I don't >know if there is some option in the configuration file that could enable >signing with key by default. > > > >On Thu, 22 Apr 2021 14:39:26 +0000, Beesley, Paul <[email protected]> >wrote: > >>Quite possibly. I've spent the morning reading the (quite good) Redbook and >>have now got encryption working using recipient public keys, but it would be >>good to get it working with Pass Phrases too. >> >>This is my input toaJava: >>//MAINARGS DD * >>-homedir /etc/encryptionfacility/ >>-o '//BBSPDB0.EFR2.ENC.OUT' >>-s2k-passphrase OpenPGPTest >>-c '//BBSPDB0.JCL.CNTL(BBXSINIT)' >> >>In ibmef.conf I hav >> >>CIPHER_NAME AES_256 >>S2K_CIPHER_NAME AES_256 >> >>Best Regards >>Paul >> >>-----Original Message----- >>From: IBM Mainframe Discussion List <[email protected]> On Behalf Of >>John S. Giltner, Jr. >>Sent: 22 April 2021 14:07 >>To: [email protected] >>Subject: Re: IBM Encryption Facility for OpenPGP >> >>Caution! External email. Do not open attachments or click links, unless this >>email comes from a known sender and you know the content is safe. >> >>What command options did you use to encrypt on the z/OS side? >> >>I still trying to figure out some of the PGP stuff,ubut it looks like it >>encrypted the file with a passphrase, but it also signed something within the >>encrypted file with the default session key for your user-id on the z/OS side. >> >>---------------------------------------------------------------------- >>For IBM-MAIN subscribe / signoff / archive access instructions, send email to >>[email protected] with the message: INFO IBM-MAIN >>Atos is a trading name used by the Atos group. The trading entity is >>registered in England and Wales: Atos IT Services UK Limited (registered >>number 01245534). The registered office is located at: Second Floor, MidCity >>Place, 71 High Holborn, London, WC1V 6EA. The VAT No. is: GB232327983. >> >>This e-mail and the documents attached are confidential and intended solely >>for the addressee and may contain confidential or privileged information. If >>you receive this e-mail in error, you are not authorised to copy, disclose, >>use or retain it. Please notify the sender immediately and delete this email >>from your systems. As emails may be intercepted, amended or lost, they are >>not secure. Atos therefore can accept no liability for any errors or their >>content. Although Atos endeavours to maintain a virus-free network, we do not >>warrant that this transmission is virus-free and can accept no liability for >>any damages resulting from any virus transmitted. The risks are deemed to be >>accepted by everyone who communicates with Atos by email. >> >>---------------------------------------------------------------------- >>For IBM-MAIN subscribe / signoff / archive access instructions, >>send email to [email protected] with the message: INFO IBM-MAIN > >---------------------------------------------------------------------- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
