Thanks John. I now have it working with Pass Phrase encryption partly due to IBM support's help. This is my input: -use-mdc -t -s2k-mode 1 -s2k-passphrase OpenPGPTest
I had to code -use-mdc, otherwise I get a warning about lack of integrity and it fails to decrypt, despite using AES256 which should avoid this. Also get this with key encryption. So all working now, thanks to all who helped. Best Regards Paul -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of John S. Giltner, Jr. Sent: 22 April 2021 20:53 To: [email protected] Subject: Re: IBM Encryption Facility for OpenPGP Caution! External email. Do not open attachments or click links, unless this email comes from a known sender and you know the content is safe. O.K. to use passphrase and sign you use the -s option, but you have to specify which key to use. Either using -signers-key-alias parameter or by having "signers_KEY_ALIAS" defined in the configuration file. With the -s it should not sign the contents. On Thu, 22 Apr 2021 14:42:31 -0500, John S. Giltner, Jr. <[email protected]> wrote: >I looked at the Red Book. Does not really describe how to use pass phrase >with a signed key, it just says you can do it and it's optional. > >The examples I found for using pass phrase look just like your job. I don't >know if there is some option in the configuration file that could enable >signing with key by default. > > > >On Thu, 22 Apr 2021 14:39:26 +0000, Beesley, Paul <[email protected]> >wrote: > >>Quite possibly. I've spent the morning reading the (quite good) Redbook and >>have now got encryption working using recipient public keys, but it would be >>good to get it working with Pass Phrases too. >> >>This is my input toaJava: >>//MAINARGS DD * >>-homedir /etc/encryptionfacility/ >>-o '//BBSPDB0.EFR2.ENC.OUT' >>-s2k-passphrase OpenPGPTest >>-c '//BBSPDB0.JCL.CNTL(BBXSINIT)' >> >>In ibmef.conf I hav >> >>CIPHER_NAME AES_256 >>S2K_CIPHER_NAME AES_256 >> >>Best Regards >>Paul >> Atos is a trading name used by the Atos group. The trading entity is registered in England and Wales: Atos IT Services UK Limited (registered number 01245534). The registered office is located at: Second Floor, MidCity Place, 71 High Holborn, London, WC1V 6EA. The VAT No. is: GB232327983. This e-mail and the documents attached are confidential and intended solely for the addressee and may contain confidential or privileged information. If you receive this e-mail in error, you are not authorised to copy, disclose, use or retain it. Please notify the sender immediately and delete this email from your systems. As emails may be intercepted, amended or lost, they are not secure. Atos therefore can accept no liability for any errors or their content. Although Atos endeavours to maintain a virus-free network, we do not warrant that this transmission is virus-free and can accept no liability for any damages resulting from any virus transmitted. The risks are deemed to be accepted by everyone who communicates with Atos by email. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
