Great.
And in my last post it should have said:
WithOUT the -s it should not sign the contents.
On Fri, 23 Apr 2021 11:08:37 +0000, Beesley, Paul <[email protected]> wrote:
>Thanks John. I now have it working with Pass Phrase encryption partly due to
>IBM support's help.
>This is my input:
>-use-mdc
>-t
>-s2k-mode 1
>-s2k-passphrase OpenPGPTest
>
>I had to code -use-mdc, otherwise I get a warning about lack of integrity and
>it fails to decrypt, despite using AES256 which should avoid this. Also get
>this with key encryption.
>
>So all working now, thanks to all who helped.
>
>Best Regards
>Paul
>
>-----Original Message-----
>From: IBM Mainframe Discussion List <[email protected]> On Behalf Of
>John S. Giltner, Jr.
>Sent: 22 April 2021 20:53
>To: [email protected]
>Subject: Re: IBM Encryption Facility for OpenPGP
>
>Caution! External email. Do not open attachments or click links, unless this
>email comes from a known sender and you know the content is safe.
>
>O.K. to use passphrase and sign you use the -s option, but you have to specify
>which key to use. Either using -signers-key-alias parameter or by having
>"signers_KEY_ALIAS" defined in the configuration file.
>
>With the -s it should not sign the contents.
>
>On Thu, 22 Apr 2021 14:42:31 -0500, John S. Giltner, Jr. <[email protected]>
>wrote:
>
>>I looked at the Red Book. Does nor really describe how to use pass phrase
>>with a signed key, it just says you can do it and it's optional.
>>
>>The examples I found for using pass phrase look just like your job. I don't
>>know if there is some option in the configuration file that could enable
>>signing with key by default.
>>
>>
>>
>>On Thu, 22 Apr 2021 14:39:26 +0000, Beesley, Paul <[email protected]>
>>wrote:
>>
>>>Quite possibly. I've spent the morning reading the (quite good) Redbook and
>>>have now got encryption working using recipient public keys, but it would be
>>>good to get it working with Pass Phrases too.
>>>
>>>This is my input toaJava:
>>>//MAINARGS DD *
>>>-homedir /etc/encryptionfacility/
>>>-o '//BBSPDB0.EFR2.ENC.OUT'
>>>-s2k-passphrase OpenPGPTest
>>>-c '//BBSPDB0.JCL.CNTL(BBXSINIT)'
>>>
>>>In ibmef.conf I hav
>>>
>>>CIPHER_NAME AES_256
>>>S2K_CIPHER_NAME AES_256
>>>
>>>Best Regards
>>>Paul
>>>
>Atos is a trading name used by the Atos group. The trading entity is
>registered in England and Wales: Atos IT Services UK Limited (registered
>number 01245534). The registered office is located at: Second Floor, MidCity
>Place, 71 High Holborn, London, WC1V 6EA. The VAT No. is: GB232327983.
>
>This e-mail and the documents attached are confidential and intended solely
>for the addressee and may contain confidential or privileged information. If
>you receive this e-mail in error, you are not authorised to copy, disclose,
>use or retain it. Please notify the sender immediately and delete this email
>from your systems. As emails may be intercepted, amended or lost, they are not
>secure. Atos therefore can accept no liability for any errors or their
>content. Although Atos endeavours to maintain a virus-free network, we do not
>warrant that this transmission is virus-free and can accept no liability for
>any damages resulting from any virus transmitted. The risks are deemed to be
>accepted by everyone who communicates with Atos by email.
>
>----------------------------------------------------------------------
>For IBM-MAIN subscribe / signoff / archive access instructions,
>send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
