Thunderbird OpenPGP [closed] - add-on

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have started to use openPGP in thunderbird (enigmail 1.4) for signing my messages
But it is generating something like
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
signed message by openpgp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcasdfasdfasdfasdf.....E
-----END PGP SIGNATURE-----
If i am not mistaken sha1 is very old how to change for example to sha-3 and how to delete the line comment:....
Thank you !

You can access those properties through Thunderbird Options > Advanced > General > Config Editor…
(Equivalent to about:config)
Then type extensions.enigmail.mimeHashAlgorithm
The following values are available:
0 - automatic selection, let GnuPG choose
1 - SHA1
2 - RIPEMD160
3 - SHA256
4 - SHA384
5 - SHA512
6 - SHA224
For the comment, you can go to OpenPGP > Preferences > Display Expert Settings > Advanced > uncheck "Add Enigmail comment in OpenPGP signature".
(Alternatively, from Config editor: extensions.enigmail.useDefaultComment.)
Many other settings are detailed here : https://www.enigmail.net/documentation/userprefs.php

Related

How to write ca-certificate via terminal in one line? [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 11 hours ago.
The community is reviewing whether to reopen this question as of 4 hours ago.
Improve this question
I am working with a mobile network module via AT commands.
HTTPS requests are working fine. However I do struggle to enter the ca-cert correctly.
I am quite certain that this is some simple fault of mine.
Normally the PEM encoded cert would be like this:
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gXXXXXXXRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
...
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
-----END CERTIFICATE-----
So to make it a one-liner I transformed it to this:
-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gXXXXXXXRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\n-----END CERTIFICATE-----\n
This was my attempt in sending the whole certificate in one string as needed by the module (Adrastea 1). I was using the given terminal tool by the manufacturer but also putty. In both cases I could not make to send multi-line AT commands. Neither with shift+Enter nor with a copied commands into Putty.
The feedback I get from the module is pretty narrow, it accepts the commmand itself with an OK, but this only means that the syntax of the command is correct, not specifically the certificate I provided. When I try to request an HTTPS website afterwards the module crashes and restart, so there should be definetly something wrong with the way I inserted the certificate.
This is the whole command I send to write the cert to a file. I shorted and changed the certificate of course
AT%CERTCMD="WRITE","certificate1.pem",0,\r\n"-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\n-----END CERTIFICATE-----\n"

How to use a GPG key for SSH on macOS [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 days ago.
Improve this question
Basically, my goal is to use a single key for everything. I have a GPG key that I imported onto my MacBook, and would like to use that key for SSH authentication. However, despite my several attempts, I cannot get my key to list. I have, for the most part, been following the guide here: https://gregrs-uk.github.io/2018-08-06/gpg-key-ssh-mac-debian/ trying minor variations to see if it would have an impact. But when I run ssh-add -l I get the customary "The agent has no identities."
I notice the guide is relatively old (written in 2018), so has anyone had success with using a GPG key for SSH on Mac? Is it simply a lost cause? Any help would be much appreciated!
Added enable-ssh-support to my gpg-agent.conf file
Added the GPG key keygrip to my sshcontrol file
Added:
export GPG_TTY=$(tty)
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
gpgconf --launch gpg-agent
to my .zprofile (I suspect this is where the issue lies)
And still nothing after running ssh-add -l

How to restore the deleted EFS certificate [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I accidently deleted EFS (Encrypting File System) certificate by using the properties form in the Internet Explorer and now I don't have access to my encrypted files.
Is there any option to restore the certificate?
I can see this certificate in the system but when I imported it back, it is not shown that the certificate has a private key.
In my case, I found another version of the same certificate in certmgr.msc and luckily this version has a private key. I exported the certificate and then imported it into the personal folder. The access to the encrypted files was restored.

Mixed Hash Algorithm within Certificate Chain [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
We have an internal customer which has issued a Root CA using SHA-1 (which both they and us know should be deprecated) and have issued a server certificate from the Root CA with a Hash Algorithm of SHA2. A team member suggested that this cannot be support as all Hash Algorithm of the certificates must match, but having no understanding of the topic I set out to google to find if there are reasons for a mixed hash environment being unsupported as intuitively I thought a leaf certificate should be able to be a lower encryption level than the root. Finding no comprehensive answer I end up here. Our situation raises three questions for me:
Must the Hash Algorithm remain static for each certificate in the chain of trust?
If Hash Algorithm maybe different can bottom certificate be of a higher or lower public key level?
Could each certificate in a chain use a random encryption level?
There can be mixed signature algorithms used for the certificates. Apart from that the signature of the root certificate is not checked anyway so the algorithm used their does not matter. The root certificate is trusted just because it is in the local trust store and not because it was signed by somebody (usually signed by itself).

Can digital signature certificate be used for code signing? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
Improve this question
I am an individual developer and want to use code signing for my exes. I am new to this and don't know much about it. Can a normal digital signature certificate be used for code signing? Verisign, thawte etc are costly for me. This site looks affrodable for me. They sell digital signatures. Will it serve my purposes?
Code signing certificate must have proper flag set in ExtKeyUsage extension, i.e. this is a special kind of certificate. This company doesn't seem to offer such certificates.

Resources