A new (1.9.2002) fix level is now available with the following changes/fixes PGP 2.6.3is
On September 20th 2000 the RSA patent expires so the binaries can be used in America
On September 6th RSA announced that:
it has released the RSA public key encryption algorithm into the public domain, allowing anyone to create products that incorporate their own implementation of the algorithm. This means that RSA Security has waived its rights to enforce the patent for any development activities that include the RSA algorithm occurring after September 6, 2000.
pgp 2.6.3i contains one other patented algorythm.
The IDEA patent is owned by ASCOM SYSTEC AG and is now marketed by Media Crypt AG both swiss companies the per user license is cheap. You need a license for *comercial* use of IDEA. Non commercial use of freeware containing the IDEA algorythm does not require a license. You can license your use of the IDEA algorythm on-line via Media Crypt AG Web Server
The port is not perfect and has a few restrictions especially if you are using it on *datasets* as DCB support is not in the product, you need to use SMS to fill in DCB info if needed (lrecl for example) and the keygen function requires that you use the +NOMANUAL switch as it cant find the manuals :-( .
The encryption de-encryption key management and generation functions work fine up to a key size of 2048 or less.
Downloading it from my site is NOT illegal for US or non US citizens. But if a US based person were to download pgp and place it on a US site where a non US citizen then downloaded it, that would be illegal. (Re-Exporting), so please take care not to do that.
#make os390 make all CPP=/lib/cpp OBJS_EXT="c370.o" CFLAGS=" -O -DC370" cc -O -DC370 -c pgp.c cc -O -DC370 -c crypto.c cc -O -DC370 -c keymgmt.c cc -O -DC370 -c fileio.c WARNING CBC3236 ./c370.h:114 Macro name ENOENT has been redefined. FSUM3065 The COMPILE step ended with return code 4. cc -O -DC370 -c mdfile.c cc -O -DC370 -c more.c cc -O -DC370 -c armor.c cc -O -DC370 -c mpilib.c cc -O -DC370 -c mpiio.c cc -O -DC370 -c genprime.c cc -O -DC370 -c rsagen.c cc -O -DC370 -c random.c cc -O -DC370 -c idea.c cc -O -DC370 -c passwd.c cc -O -DC370 -c md5.c cc -O -DC370 -c system.c cc -O -DC370 -c language.c cc -O -DC370 -c getopt.c cc -O -DC370 -c keyadd.c cc -O -DC370 -c config.c cc -O -DC370 -c keymaint.c cc -O -DC370 -c keymaint.c cc -O -DC370 -c charset.c cc -O -DC370 -c randpool.c cc -O -DC370 -c noise.c cc -O -DC370 -c zbits.c cc -O -DC370 -c zdeflate.c cc -O -DC370 -c zfile_io.c cc -O -DC370 -c zglobals.c cc -O -DC370 -c zinflate.c cc -O -DC370 -c zip.c cc -O -DC370 -c zipup.c cc -O -DC370 -c ztrees.c cc -O -DC370 -c zunzip.c cc -O -DC370 -c rsaglue1.c cc -O -DC370 -c c370.c cc -o pgp pgp.o crypto.o keymgmt.o fileio.o mdfile.o more.o armor.o mpilib.o mp iio.o genprime.o rsagen.o random.o idea.o passwd.o md5.o system.o language.o g etopt.o keyadd.o config.o keymaint.o charset.o randpool.o noise.o zbits.o zdef late.o zfile_io.o zglobals.o zinflate.o zip.o zipup.o ztrees.o zunzip.o rsaglue 1.o c370.o #ls -lisa pgp 5951544 -rwxr-xr-x 1 BPXOINIT OOMVSUSR 790528 Sep 20 13:54 pgp #cp pgp /usr/local/bin #pgp No configuration file found. Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 2000/09/20 12:16 GMT For details on licensing and distribution, see the PGP User's Guide. For other cryptography products and custom development services, contact: Philip Zimmermann, 3021 11th St, Boulder CO 80304 USA, phone +1 303 541-0140 For a usage summary, type: pgp -h #./pgp +NOMANUAL -kg No configuration file found. Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 2000/09/20 12:30 GMT Pick your RSA key size: 1) 512 bits- Low commercial grade, fast but less secure 2) 768 bits- High commercial grade, medium speed, good security 3) 1024 bits- "Military" grade, slow, highest security Choose 1, 2, or 3, or enter desired number of bits: 3 3 Generating an RSA key with a 1024-bit modulus. You need a user ID for your public key. The desired form for this user ID is your name, followed by your E-mail address enclosed in
, if you have an E-mail address. For example: John Q. Smith <firstname.lastname@example.org> Enter a user ID for your public key: Al Nichols Al Nichols You need a pass phrase to protect your RSA secret key. Your pass phrase can be any sentence or phrase and may have many words, spaces, punctuation, or any other printable characters. Enter pass phrase: blahblah Enter same pass phrase again: blahblah Note that key generation is a lengthy process. We need to generate 952 random bits. This is done by measuring the time intervals between your keystrokes. Please enter some random text on your keyboard until you hear the beep: 952 sdf sdf sdf 816 iohafdg h 736 oihsdoihf s 640 sdof hiohdsf 536 pihsdfhpsd 448 s 432 s 416 sdofkjps jspdjf 288 posjdpfjosfd 184 psojdfoj spojdf ojsdpjof sdf psodjf psodjf 0 * -Enough, thank you. ........................**** ................................................... ................................................................................ .**** Pass phrase is good. Just a moment.... Key signature certificate added. Key generation completed. #chmod 700 secring.pgp #pgp -kxa Al Nichols No configuration file found. Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 2000/09/20 12:43 GMT Extracting from key ring: 'pubring.pgp', userid "Al". Key for user ID: Al Nichols 1024-bit key, key ID FE4A5AD5, created 2000/09/20 Transport armor file: Nichols.asc Key extracted to file 'Nichols.asc'. #cat Nichols.asc Type Bits/KeyID Date User ID pub 1024/FE4A5AD5 2000/09/20 Al Nichols -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3ia mQCNAznIsA4AAAEEALE9XKaQGSV5eAzc0nQrGYyXZfQr/OyllP2xVzq0RnV4i/nQ yXjwX5wpw2MZxchy1qmCHqiGA8nxanV0FKZ8BQzZdCZzUJXgLvRKny+QodKnVak5 uabsKA7RRSghQSHEiAqt8g/8/UfzED0nN151MAVFM4Ya4wV4Xt42SO7+SlrVAAUR tBxBbCBOaWNob2xzIDxhbGFuQG5pY2hvbHMuZGU+iQCVAwUQOciwDt42SO7+SlrV AQEjzAQAjDZGw5oY4a1qpfCqGDnZgtV0fdruzUMIdijT5SqX+4NDCS7cWTFZwy/F P52gG1WDetbYXFkmIo6Rweui5T64vCB1PMcaobC6UW9ygbyY47q6GdkPCIoRSmr2 dlYHH+Hc5w/swVmYC92EL4Kbq+WoohluUk6UGIBx24GiuSlh0RM= =aSBx -----END PGP PUBLIC KEY BLOCK-----
You can then cut and paste this and send it to other PGP users or put in on the world wide web.
pgp runs and works in the shell and in batch and under TSO.
//JOBNAMES JOB (ACCOUNT),AL,MSGCLASS=X,MSGLEVEL=(1,1), // NOTIFY=&SYSUID,CLASS=A,REGION=6M //INET EXEC PGM=BPXBATCH,REGION=4096K,TIME=NOLIMIT, // PARM='SH /usr/local/bin/pgp -d testout2.txt.pgp ' //CEEDUMP DD SYSOUT=* //SYSERR DD PATH='/tmp/pgpbatch.syserr', // PATHOPTS=(OWRONLY,OCREAT,OTRUNC), // PATHMODE=SIRWXU //STDOUT DD PATH='/tmp/pgpbatch.stdout', // PATHOPTS=(OWRONLY,OCREAT,OTRUNC), // PATHMODE=SIRWXU //STDERR DD PATH='/tmp/pgpbatch.stderr', // PATHOPTS=(OWRONLY,OCREAT,OTRUNC), // PATHMODE=SIRWXU //SYSOUT DD PATH='/tmp/pgpbatch.sysout', // PATHOPTS=(OWRONLY,OCREAT,OTRUNC), // PATHMODE=SIRWXU //STDIN DD PATH='/u/myhome/passin' The user id that runs the job has their pgp ring files in their home directory. The pgp binary is in the path.
If you want to run it in *MVS* or from TSO then use the
following link job (or in 2.9 just usethe cp command). Please note the SYSLMOD below should reference a PDS-E
//LKED EXEC PGM=IEWBLINK,REGION=2M, // PARM='LIST,NCAL,LET,MAP' //SYSPRINT DD SYSOUT=X //SYSLMOD DD DSN=SYS1.LOCAL.LINKLIB,DISP=SHR //* //PGP DD PATH='/usr/local/bin/pgp' //SYSLIN DD * INCLUDE PGP NAME PGP(R) /*
Here is an example of running pgp as a batch job directly. WITHOUT the use of Unix System Services (ie NOT BPXBATCH). If you just want to run in batch then use BPXBATCH to execute a shell wrapper for pgp
//STEP1 EXEC PGM=PGP,PARM='+NOMANUAL -e TEXTDATA alan' //SYSIN DD * //SYSOUT DD SYSOUT=* //SYSPRNT DD SYSOUT=*and here is another
//STEP1 EXEC PGM=PGP, // PARM='+NOMANUAL +ARMORLINES=0 -d um.out.asc' //SYSIN DD * blahblah //SYSOUT DD SYSOUT=* //SYSPRNT DD SYSOUT=*
You can generate keys in batch or under TSO, but this is NOT RECOMMENDED. Please use an ssh session to generate your private/public keypair.
If you are dealing with ascii machines note that an encoded ascii file from a PC will be *still* be ascii when you decode it on OS/390. Use the dosfix program from bbtools package on the tools download page to convert it into the write code page, (or use iconv if you are feeling brave :-). dosfix has the advantage of dealing with those CRLF issues.
Now read and understand the pgp documentation included in the package.
The OS/390 Docs are *ONLY* concerned with OS/390 specifics .