I   Overview

MPGP is a simple shell (DOS) for PGP which allows the user to easily
encrypt/decrypt files using wildcards.  It would typically be used to
encrypt all the files in a directory.  People suggested I try .bat
files instead of writing this little utility, but .bat files
approaching the functionality of MPGP are ridiculously complex.

MPGP is freeware..  It may be distributed freely, and used for any
legal purpose.

The source code (Microsoft C ver 6.0) is included so that the absence
of backdoors can be verified, or in case somebody wants a good laugh.



II  Installation

In order to use MPGP, *PGP MUST BE INSTALLED AND WORKING CORRECTLY*  If
you don't have PGP, or even know what it is, check back after you have
figured out what is going on.

If PGP is properly installed and in your PATH, simply put MPGP.EXE in
your path as well.

Installation complete.



III Operation

Run MPGP without parameters and it will produce a help screen like this:


MPGP  ver 1.1  (3/14/96)   by Mark T. Anderson <mta@clark.net>

Usage: MPGP -option(s)  file1 [file2..] (Wildcards accepted)
options: 
         -e Encrypt file(s)
         -p[KeyId] use Public key encryption (default is conventional)
         -r Randomize name(s) of encrypted file(s), keeping .PGP extension
         -z set date/time of encrypted file(s) to Zero
         -d Decrypt file(s)
         -o allow Overwriting of file(s)
         -k Keep file(s) after processing (default is to wipe/delete)

         

Examples:

mpgp -e *.*   ... you'll be prompted for a passphrase, then PGP will be
executed repeatedly to encrypt, using conventional encryption, all
files (except those with the extension .pgp).  PGP will wipe and delete
the plaintext files.  PGP will stop and ask you what to do before
overwriting existing files.

mpgp -er *.*  like above, except that the newly encrypted files will be
given random filenames.  e.g. 0F58DDA3.PGP

mpgp -erz like above, except the newly encrypted files will have their
time/date set to zero.

mpgp -e -r -z -k *.*  like above, except the plaintext files will not
be erased.

mpgp -zerko *.*  like above, except PGP will overwrite existing files
if it needs to, without stopping to ask you what to do.  See the +force
option in the PGP docs for more information.  Don't use -o, especially
if encrypting files, unless you fully  understand what it will do.

mpgp -ep *.*   ... you'll be prompted for a KeyId, then PGP will be
executed repeatedly to encrypt, using KeyId's public key, all files
(except those with the extension .pgp).  PGP will wipe and delete
the plaintext files.

mpgp -e -pMyKeyId *.*  like above, except you won't be prompted for a
KeyId.  PGP will use MyKeyId instead.

mpgp -e -rpMyKeyId *.*  like above, except that the newly encrypted
files will be given random filenames.  e.g. 0F58DDA3.PGP

mpgp -erz -pMyKeyId *.*  like above, except the newly encrypted files
will have their time/date set to zero.

mpgp -e -r -z -k -pMyKeyId  *.*  like above, except the plaintext files
will not be erased.

mpgp -z -e -r -k -op *.*  like above, except you'll be prompted for a
KeyId and PGP will overwrite existing files without stopping to ask you
what to do.  Use the -o option with caution.  -o calls PGP with the
+force option.  See the PGP docs for information on the +force option.


mpgp -d *.*  you'll be prompted for a conventional encryption
passphrase and/or a pass phrase to unlock your RSA secret key, as
needed.  All files with the extension .PGP will be decrypted, and
original filenames restored.  The .PGP files will be erased.  PGP will
stop and ask you what to do before overwriting any files

mpgp -dk *.*  like above, except that the .PGP files will not be erased.

mpgp -d -k -o *.*  like above, but PGP will overwrite existing files
without stopping to ask you what to do.  See the +force option in the
PGP docs for more info.  



IV Environmental Variables

Although their use is discouraged, you can set the environmental
variables PGPPASS and MPGPPASS so as to avoid having to type your
passphrases time and again.  PGPPASS can be set to the pass phrase to
unlock your RSA secret key.  If PGPPASS is set, MPGP will not prompt
you for it.  MPGPPASS can be set to a passphrase that will be used to
encrypt/decrypt files with conventional encryption.  If MPGPPASS is
set, MPGP will not prompt you for conventional encryption passphrases.
Type something like:

set MPGPPASS=this is my conventional encryption passphrase
set PGPPASS=this passphrase unlocks my RSA secret key

at the DOS prompt to use these environmental variables.  Again, we do
not recommend that these variables be used, but they're there if you
wish to sacrifice security for convenience.



V  Details

MPGP will only encrypt files with extensions other than .pgp and will
only decrypt files with the extension .pgp  If all the files in a
directory except one are already encrypted, mpgp -e *.* will only call
pgp to encrypt the one non-encrypted file.  No tests other than
checking the extension are performed to determine if a file is
already encrypted.

It's best to use mpgp only on files in the current directory, since pgp
decrypts files to the current directory, regardless of what directory
the input files are in.

Although all of the examples used *.* for the wildcard, you may use
filenames, or partial wildcards as well.

e.g. mpgp -er *.jpg *.gif images.lst


Options may be entered in a variety of ways: -erk , /ERK , -E -k /R ,
etc. are all equivalent.

The -p (use public key encryption) option is different from the others
in that it must be the last option before a space on the command line.
Anything after the "p" but before a space on the command line is
interpreted as a KeyId.  For example:  mpgp -e -rzp *.*  will have mpgp
prompt you for a KeyId and encrypt files with that KeyId, randomize
the filenames, and set the time/date of the encrypted files to zero.
But mpgp -e -prz *.*  will encrypt all files to the KeyId "rz"  which
is quite a different thing.  The other options can be entered any way
you want, but remember that anything following the "p" is considered
to be a KeyId.

MPGP returns a 0 if no errors were encountered, a 1 or the highest
errorlevel PGP returned if there was a problem.

The maximum length of a passphrase that mpgp can pass to pgp.exe is 256
characters.

The message "Illegal character in passphrase" appears if you attempt to
use the character "  (double quote, 22hex) in a conventional encryption
passphrase.  Because of the way in which the passphrase is passed to
PGP, we could allow spaces in the passphrase, or quotes, but not both.
We chose to permit spaces.

The " character (double quote, 22hex) is permitted in passphrases to
unlock your secret key.  The passphrase is normally passed to PGP on
the command line like this:  PGP -z"PassPhrase", but if there's a " in
the passphrase, then mpgp sets PGPPASS before calling PGP and clears
it afterwards.  If for some reason PGPPASS cannot be set (out of
environment space?) MPGP will abort.

MPGP was developed and tested on PGP ver 2.6.2 and has not been
verified to work on other versions.



VI Obtaining MPGP, Contacting the Author

The latest MPGP is available via 

ftp:  ftp.clark.net /pub/mta/mpgp*.zip
or WWW: http://www.clark.net/pub/mta/mpgp.html

The author my be contacted by email: mta@clark.net  The author's PGP
public key is:

1024 bits:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAy9TGKoAAAEEALA2cdmQ1Agj28kc+rjyLmdqd42DtRP67oVKrgowJ7lz6x0t
iyVHQMb1AtFhaj48YV981Xo+rTGvLg3X0II9vwg+IWG6X+l8yaaLtizsYVGoQHXq
0qEIqMTPSVSY8YAgRd14Wtq11/lLX9pKqp0HAXaLTOFDJoIV4FK8U7evx9M1AAUT
tCFNYXJrIFQuIEFuZGVyc29uICA8bXRhQGNsYXJrLm5ldD4=
=W7TL
-----END PGP PUBLIC KEY BLOCK-----


2047 bits:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQENAy+EPAsAAAEH/1IGf/BRTI/bLNgEO3uLZ/gdlD1YpMxa/1hincLH3PqLA80x
wDGraC9NgcgVWFT3h0wQna/N9Yyc3PZGoGnyvkcBiBzdQIpbMTYjzdWb99DsvcR7
Y5YWZfq/+b2jvNDWtfMck9K1W2WvUNMSUMdnph8ACUgxa+PFEpEYOxf6HvVXFCrQ
CBBOCC+yBzzrI4GgzjJu42tUnmQpx7Ik2AfKhjcOZofo4biHtzD5BGNlC0WK/KXZ
JFAxGYpD8KC6o1JyGFi1fgD0d7UlHiOgL/1yw0p5KTxqnY3igjfMSpuhIE4piz6G
DpcsJHFhRp9ZWBm/gtsQcFb08TNWlnUYat9ZjJUABRO0LE1hcmsgVC4gQW5kZXJz
b24gKDIwNDcgYml0cykgPG10YUBjbGFyay5uZXQ+
=adLc
-----END PGP PUBLIC KEY BLOCK-----

and is available at the WWW and FTP sites listed above, or by going
finger -l mta@clark.net



VII Legal Stuff

MPGP is offered AS IS.  No warranties are expressed or implied.  The
author assumes no responsibility for damages of any kind arising from
your use of, or inability to use this product.  Use MPGP AT YOUR OWN
RISK.


MPGP is (c) 1996 by Mark T. Anderson.
PGP is a registered trademark of Phil Zimmerman
Microsoft is a registered trademark of Microsoft Corporation.
