************************************************** README FILE FOR PGP WINSHELL ************************************************** Welcome to PGP WinShell. We at Black Gate Publishing have made this tool freely available in the hope that more people will begin to protect their privacy by using PGP ("Pretty Good Privacy"), a DOS program which scrambles (or "encrypts") your electronic communication so that only the intended recipient can read it. PGP WinShell is a small, quick program intended to make PGP's more common functions easy to use under Windows 3.1. PGP is a very powerful program, and PGP WinShell only scratches the surface of PGP's abilities. Nonetheless, PGP WinShell will make it much easier for you to use PGP's most common functions. INSTALLING PGP WINSHELL: ================================ You must already have a copy of Pretty Good Privacy on your computer. PGP WinShell works by sending messages to PGP, which PGP then executes. You must also have the file VBRUN300.DLL (the Visual Basic 3.0 dynamic link library) in your Windows/System directory. You may find PGP at a variety of BBS systems, including CompuServe and GEnie. VBRUN300.DLL is available at these locations, as well. The following PGP WinShell files must be installed in the same directory as PGP. PGPWSH.EXE - The PGP WinShell program PGPWSH.INI - The PGP WinShell initialization file PGP1.PIF - A Program Information File for PGP.EXE PGP2.PIF - A Program Information File for PGP.EXE ~PRKEYS.PIF - A Program Information File for PGP.EXE DESCRIPT.ION - 4DOS/NDOS file descriptions If PGP is not installed in C:\PGP, you will have to edit PGP1.PIF, PGP2.PIF, and ~PRKEYS.PIF to indicate the correct directory. This is easy to do with the PIFEDIT.EXE application, which comes with Windows. The following files should be installed in your Windows/System directory, if you do not already have them. If the files which come with PGP WinShell are more recent than the ones you currently have, you should replace your current files with the more recent ones. These are very common files, required by a wide variety of applications, and you aren't wasting hard drive space by installing them, even if you decide to delete PGP WinShell later. COMMDLG.DLL - Windows "common dialog" library CMDIALOG.VBX - Visual Basic "common dialog" custom control THREED.VBX - Visual Basic "3-D effects" custom control Also enclosed in this archive are: PUBBSB.ASC - Public key for "Brandon S. Blackmoor <72604,545@compuserve.com>" PUBBLG.ASC - Public key for "Black Gate Publishing <72604.545@compuserve.com>" PGPWSH.ICO - PGP WinShell icon PGPWSH.MAK - PGP WinShell Visual Basic project file PGPWSH.FRM - PGP WinShell Visual Basic form file PGPWSH.FRX - PGP WinShell Visual Basic form file PASSWD.FRM - PGP WinShell Visual Basic form file PASSWD.FRX - PGP WinShell Visual Basic form file RECSETUP.FRM - PGP WinShell Visual Basic form file USRSETUP.FRM - PGP WinShell Visual Basic form file WAIT.FRM - PGP WinShell Visual Basic form file PGPWSH.BAS - PGP WinShell Visual Basic code file PGPWSH.TXT - This file These files are installed to the PGP directory by default, but you may put them anywhere. You should also have set the PGPPATH environment variable to indicate the PGP directory, like this: SET PGPPATH = C:\PGP If you have not, PGP WinShell assumes that PGP is installed in the C:\PGP\ directory. If you have not set the PGPPATH environment variable and PGP is not installed in C:\PGP\, then PGP WinShell will not load. WHAT PGP WINSHELL CAN DO: ================================ * accept a drag-and-dropped file for signing, encryption or decryption * if no file is specified, perform the selected operation on the clipboard * optionally automate user passphrases * add, create, delete, and copy encryption keys INSTRUCTIONS: ================================ OPTIONS: * Sign Message - signs a message with your secret key so that someone with your public key can verify that the message came from you. If no file is selected, PGP WinSHell will sign the contents of the clipboard. * Encrypt Message - encrypt and signs a message, so that no one but the recipient will be able to read the message, and they will be able to verify that the message came from you. If no file is selected, PGP WinShell will encrypt the contents of the clipboard. * Decrypt Message - Decrypt a message and verify the signature. You must have the sender's public key in order to verify their signature. If no file is selected, PGP WinShell will decrypt and verify the contents of the clipboard. USER: You may set up PGP WinShell to automatically select your User ID and Passphrase. You may add User ID's but leave the Passphrase box empty, if you wish. If you do not enter a Passphrase, PGP WinShell will ask you for one each time you use it. Automating your Passphrase is a security risk -- do not do so unless you are ABSOLUTELY SURE of your physical security. If other people will have access to your computer, you should NOT automate your Passphrase. Do not put either of these in quotes. PGP WinShell will add quotation marks around them before showing them to PGP. Push the "User:" button to perform key management, such as creating or deleting keys. RECIPIENT: This field is ignored unless you've selected the "Encrypt File" option. Push the "Recipient:" button to perform key management, such as creating or deleting keys. FILE TO PROCESS: This is the file upon which the selected action is taken. If this field is blank, PGP WinShell will create a temporary file from the clipboard. PGP will process this temporary file, then PGP WinShell will put the file back in the clipboard. After it does this, it deletes the temporary files. DELETE PLAINTEXT FILE: If this checkbox is selected, PGP will delete the original file after it encrypts or signs it. Be careful using this option, since once a file is encrypted you have no way of reading it. KEEP WINDOW OPEN: PGP WinShell usually closes the PGP window after it finishes processing a file, unless you are Decrypting a file. You may control this manually by selecting or deselecting the Keep Window Open checkbox. SECURITY RISKS: ================================ Automating your Passphrase is a serious security risk -- do not do so unless you are ABSOLUTELY SURE of your physical security. If other people will have access to your computer, you should NOT automate your Passphrase. The temporary files are deleted by PGP WinShell, but they may be recovered by a disk-repair utility or one of the many "unerase" type programs. REMOVING PGP WINSHELL: ================================ PGP WinShell is a well-behaved program. It doesn't alter any files in your Windows or System directories. If you want to remove PGP WinShell, simply remove the appropriate files from your PGP directory. You should keep COMMDLG.DLL, CMDIALOG.VBX, and THREED.VBX in you Windows/System directory, because these files are needed by many, many other programs. FINAL NOTES: ================================ PGP WinShell defaults to "Armored ASCII Text" output. If you want to change that, you'll have to alter the source code. This utility obviously doesn't do everything, but what it does do it does quickly and efficiently. If you need much more, you're probably better off doing it from the command line. I had considered writing a Windows Help file for PGP WinShell, but it would have been time-consuming. Also, PGP WinShell is about as easy to use as it can be, and I don't think a Help file would make it any easier. Perhaps I'll write one for the next version, if there is a demand for it. If you should have any comments, I may be contacted at: Black Gate Publishing P.O. Box 1134 Portsmouth, VA 23705-1134 (804) 399-6478 (9am - 5pm Eastern Time, Mon-Fri) CompuServe: 72604,545 GEnie: BBlackmoor America Online: BBlackmoor PGP DOS COMMAND SUMMARY: ================================ To encrypt a plaintext file with the recipient's public key: pgp -e textfile her_userid To sign a plaintext file with your secret key: pgp -s textfile [-u your_userid] To sign a plaintext file with your secret key and have the output readable to people without running PGP first: pgp -sta textfile [-u your_userid] To sign a plaintext file with your secret key, and then encrypt it with the recipient's public key: pgp -es textfile her_userid [-u your_userid] To encrypt a plaintext file with just conventional cryptography, type: pgp -c textfile To decrypt an encrypted file, or to check the signature integrity of a signed file: pgp ciphertextfile [-o plaintextfile] To encrypt a message for any number of multiple recipients: pgp -e textfile userid1 userid2 userid3 - --- Key management commands: To generate your own unique public/secret key pair: pgp -kg To add a public or secret key file's contents to your public or secret key ring: pgp -ka keyfile [keyring] To extract (copy) a key from your public or secret key ring: pgp -kx userid keyfile [keyring] or: pgp -kxa userid keyfile [keyring] To view the contents of your public key ring: pgp -kv[v] [userid] [keyring] To view the "fingerprint" of a public key, to help verify it over the telephone with its owner: pgp -kvc [userid] [keyring] To view the contents and check the certifying signatures of your public key ring: pgp -kc [userid] [keyring] To edit the userid or pass phrase for your secret key: pgp -ke userid [keyring] To edit the trust parameters for a public key: pgp -ke userid [keyring] To remove a key or just a userid from your public key ring: pgp -kr userid [keyring] To sign and certify someone else's public key on your public key ring: pgp -ks her_userid [-u your_userid] [keyring] To remove selected signatures from a userid on a keyring: pgp -krs userid [keyring] To permanently revoke your own key, issuing a key compromise certificate: pgp -kd your_userid To disable or reenable a public key on your own public key ring: pgp -kd userid - --- Esoteric commands: To decrypt a message and leave the signature on it intact: pgp -d ciphertextfile To create a signature certificate that is detached from the document: pgp -sb textfile [-u your_userid] To detach a signature certificate from a signed message: pgp -b ciphertextfile - --- Command options that can be used in combination with other command options (sometimes even spelling interesting words!): To produce a ciphertext file in ASCII radix-64 format, just add the - -a option when encrypting or signing a message or extracting a key: pgp -sea textfile her_userid or: pgp -kxa userid keyfile [keyring] To wipe out the plaintext file after producing the ciphertext file, just add the -w (wipe) option when encrypting or signing a message: pgp -sew message.txt her_userid To specify that a plaintext file contains ASCII text, not binary, and should be converted to recipient's local text line conventions, add the -t (text) option to other options: pgp -seat message.txt her_userid To view the decrypted plaintext output on your screen (like the Unix-style "more" command), without writing it to a file, use the -m (more) option while decrypting: pgp -m ciphertextfile To specify that the recipient's decrypted plaintext will be shown ONLY on her screen and cannot be saved to disk, add the -m option: pgp -steam message.txt her_userid To recover the original plaintext filename while decrypting, add the -p option: pgp -p ciphertextfile To use a Unix-style filter mode, reading from standard input and writing to standard output, add the -f option: pgp -feast her_userid outputfile ================================ End of File