Silk Road forums

Discussion => Security => Topic started by: narcotourist on April 12, 2012, 03:38 am

Title: GPA question
Post by: narcotourist on April 12, 2012, 03:38 am
Hi,

Just did my first order through SR, I encrypted my address details with the users PubKey using GPA and saved it to a file, as part of the order process it asks you to provide your address I assume this means you use the encrypted data out of the file you created with GPA and paste it in along with your own Public Key for the reply, problem is I can't find anything that allows me to look at the encrypted file data to paste into the message and it doesn't seem like there is a way of attching a file to the message sent from silk road.

Can anyone point out what I am doing wrong here?
Title: Re: GPA question
Post by: flicky42 on April 12, 2012, 04:04 am
alrighty:

first you don't need to post your public key.

Second when you encrypt the message it should output a file that you can open with text edit or something. You copy and paste the entire message in the box where you place your order on SR. Make sure its an ASCII encryption.
Title: Re: GPA question
Post by: phubaiblues on April 12, 2012, 04:10 am
Not *quite* sure what you are asking here.  Mainly I want to keep it simple, so, say I'm sending my address and want to encrypt it, on a purchase.  And presuming you've already put the vendor's public key in pga or kleopatra, I'd just put my public key and my address (and anything else I want to say) in the clipboard, and encrypt the whole shebang (with user's public key) and then just paste that in the address box, when I make the purchase.   I've used both GPA and Kleopatra, same thing....or make a file, I"ll save temporarily on my desktop...but again, just encrypt everything--including your address and public key--in a file, then open file, copy the whole thing, and send....is that what you are asking?  They both have slightly different setups (Kleo and GPA)

User will just use his public key, and decrypt the whole thing...it's usually worked for me, tho, of late, I don't bother encrypting addy, for all kinds of boring reasons...best wishes...
Title: Re: GPA question
Post by: zexorx on April 12, 2012, 04:32 am
How do you find out if its an ASCII encryption??
Title: Re: GPA question
Post by: dolphinspeak on April 12, 2012, 11:44 am
How do you find out if its an ASCII encryption??

There should be a checkbox that says "armor" somewhere. Armor = ASCII for all intents and purposes here.
Title: Re: GPA question
Post by: Limetless on April 12, 2012, 01:50 pm
Has anyone else noticed that C+Pin things on GPA's clipboard is really temperamental? Or am I just being a spaz?
Title: Re: GPA question
Post by: kmfkewm on April 12, 2012, 02:24 pm
armor = base64
Title: Re: GPA question
Post by: zuckerberg on April 12, 2012, 09:16 pm
Jesus you guys know how to take something simple and make it confusing!   OP:  Do this.  You should not be saving anything to a file besides SR dealer's public keys.

PART I: Import Dealer Keys
=====

Did you import your dealer's keys into the keyring?  If yes, skip this part,  If not, follow these steps.

(1) Open up GPA

(2) Go to your dealer's profile, and copy his PGP public key from his profile.

(3) Paste your dealer's  key  from the clipboard into a text file (.txt) and save it somewhere, preferably on your encrypted partition.

(4) From the main GPG window, Click on menu Keys / Import Keys , and select the .txt file to which you saved your dealer's key.   Now it is imported into your keyring, and you can send them encrypted messages.

=====

Part 2: Encrypt your Address / Message using GPA; address it to your SR dealer

(1) Open up GPA.

(2) Click on Windows / Clipboard.   The GPA clipboard window will open (this is different than the main GPA window).

(3) Cut and paste (and or just type out) what you want to encrypt in the GPA Clipboard.  This is probably your address, etc.  When you are done , it will be on your screen in plain text in the GPA clipboard.

(4) In the GPA Clipboard window (where you just typed), Click on File / Encrypt.   Select (click on) the recipient (your SR dealer) from the list of Public Keys in the top box.   Your dealer's name should be highlighted.   

(5) In the same window, Optionally Click on the "Sign" checkbox if you wish to sign your message... If you choose to sign,  select the user as which to sign the message from the second box, labeled "Sign As".  If you sign the message, make sure you are signing with a fake name /fake email  (do not use any real email address,  real name, or anything like that).    I recommend signing all your messages so your dealer knows he is talking to you.

(6) Next up, the "Armor" checkbox on the same window should be checked and greyed out.  If it is not checked, then check it.   Now you are ready to click "OK" and encrypt your message.

(7) A window will pop up saying "You are going to encrypt the document using the following key ,
User Name: Drug Dealer <dealer@somewhere>
Key ID: 123456

However it is not certain the key belongs to that person. Do you REALLY want to use this Key?     "

[8] As long as you imported the key yourself from the dealer's SR profile ,go ahead and click "Yes"

(9) A window will pop up saying "Please enter your passphrase"...  Here, enter the passphrase you once created for your secret keyring .  Hopefully you remember it.

(10) In the GPA clipboard, an encrypted and "armored" copy of the message will appear.  It will start out "-----BEGIN PGP MESSAGE-----"  then a bunch of gibberish.  If you see this, then you were successful.  Cut and paste this into the address box in the shopping cart.

======
Title: Re: GPA question
Post by: phubaiblues on April 13, 2012, 11:41 pm
Do it once, it's pretty easy...obviously--reading all the above posts ;)-- just hard to explain...most of us had to learn this just thru trial and error, (or at least I did).  I use  liberte linux, which has built in gnupg/gpa, built in...Tails has similar.  I just plug away 'til I get it...good luck.