PGP Components for Delphi

When I first started to use Pretty Good Privacy™ with my email client, I tried to find a handy extension to work with the at that time newest version (2.6.3). And indeed, there were two of them: QDPGP - which actually did not satisfy my demands - and another one, that isn't updated and supported any more. So I decided to write one by myself - in Delphi.

While learning about piping in- and output between command-line and GUI applications, I tried to find some supporting sources on the internet - and again was successful: Some free PGP components for DOS were already available. In the meantime PGP itself came up with GUI interfaces, and I was expecting to maybe find a program library I could use for my own programming efforts.

It then happened that I heard about a really comprehensive Delphi PGP header file for PGP 5.5.3i but, as still I'm not a professional programmer, that really wasn't what I could deal with. So again I was waiting for an easier way to find, and finally I did: Thanks to Steve Heller there was SPGP.DLL, a library providing some easy interfaces for the most important PGP functions. For more links to SDK related resources including a mailing list see Robert's PGP SDK pages.

Now that I've become really familiar with these I've been able to rewrite my components to directly interface with PGP's libraries themselves, which enables me to provide more features and more convenient data structures using Delphi's capabilities than SPGP does - but only with PGP versions 6.5.x, 7.x, 8.x, 9.x and 10.x. Please be aware that this version is not compatible to any 1.x version of the components!

The latest package pgpdc501.zip (400 KB) containing the sources and their detached PGP signature includes 34 units, most of them providing interfaces to PGP libraries (please note that these are covered by the "Mozilla Public License Version 1.1"), customized versions of Primoz Gabrijelcic's Time Zone Routines v1.2 and Ralph Junker's Base64 routines and an optimized version of Sébastien Sauvage's pascal version of Bob Jenkins' random number generator. The components have been successfully used with Delphi 2 and 6, 2005 and 2010 by myself, please let me know about problems with any other version. You don't need anything else than a full installation of PGP 6.5.x, 7.x, 8.x, 9.x or 10.x (but this is mandatory: if PGP isn't installed on your machine Delphi may fail to load its visual component library, see the ReadMe.txt file in the download package). As of August 2002 I've added files for compiling the components into C++ Builder 5 & 6, created and tested by Jesse Reichler.

As of February 2002 I've added the sources for a simple DLL and a small application demonstrating its use. The DLL has originally been created for a VB developer's email application called PostMe.

As of October 2004 there are six additional components for creating, exporting, importing, verifying and examining x.509 certificates with PGP versions since 7.x.

The components (15 in total) provide:

• Encoding and decoding (encryption/decryption/signing/verifying)
• Creating and verifying file detached (Open)PGP signatures
• Importing, exporting, revoking, deleting keys & certificates
• Several key & certificate management functions
• Key & certificate generation (DH/DSS, RSA)
• x.509 certificate & S/MIME support
• Keyserver functions
• Some utilities

Feel free to use and modify the sources according to your demands - but be aware that I cannot provide any warranties whatsoever. Your comments and suggestions are welcome. Have fun ...

(PGP key)

PS: Here's where you can find my PGP extension for Pegasus Mail: www.pmpgp.de

 

What's new?

it's private by ChangeDetection

Version 5.0.1 - 19.12.2011

This version just enables PGP 10.2 support.

Version 5.0.0 - 25.07.2010

This one is almost exclusively about migration to Unicode based versions of Delphi (2009 and later) with the main issue being the lack of a backwards compatible TStringList type: Hence there's now a new unit called PGPStringList.pas implementing a TRawByteStrings list type capable of dealing with AnsiString and RawByteString types. For keeping compatibility with prior versions of Delphi these types are either an alias or a redefinition of predefined types, please make sure to read the respective help file page. Other changes:

• StrTools.pas has been renamed to PGPStrTools.pas.
• The certificate selection dialog now selects and closes on double clicks.
• The CPP-Builder files have been updated for including the x509 components and working with CPPB 6.

Version 4.9.4 - 06.03.2010

... now supports PGP 10.

Version 4.9.3 - 20.11.2009

• A version inconsistency issue caused by PGP 9.12 has been fixed.
• Version handling has also been simplified by implementing the TSDKVersion type.
• ExtractEmail in KeyPropTypes.pas has been slightly enhanced for working faster.

Version 4.9.2 - 13.06.2009

• Importing certificates (namely passphrase handling) has been fixed and enhanced in various modules.
• TPGPDecode.EnforceFileStreaming has been added for avoiding out of memory errors if decoding files resulting in huge amounts of output data.
• Several minor fixes, enhancements and a compatibility check with PGP 9.10 have been applied including the addition of hash algorithm SHA-224 where applicable.

Version 4.9.1 - 21.12.2008

• The test application now shows a proper error message if the installed version of PGP cannot deal with x509 certificates.
• Several minor adjustments and a compatibility check with PGP 9.9 have been applied.

Version 4.9.0 - 22.05.2008

• Some minor adjustments to PGP 9.7 & 9.8 have been applied: The only one possibly affecting your application(s) is the removal of the CertificateExtension attribute from TX509CertAttributes.
• A stupid bug resulting in wrong data being written to file with TPGPEncode.FileOutput enabled has been fixed.
• Inserting a charset header has been fixed for clear singing text containing other clear signed text.
• A new sSubKeyHexID item has been added to TSigPropsRec.

Version 4.8.2 - 16.12.2007

• The type of TPGPEncode.FileOutput and TPGPDecode.FileOutput has been changed for including a new option which allows TPGPEncode.OnGetOutputFileName and TPGPDecode.OnGetOutputFileName to get triggered regardless of any conditions.

Version 4.8.1 - 12.08.2007

• Using the unit CertStore.pas a new TX509GetCertProps.DisplayCertProps method has been added.
• There's a new TPGPEncode.ParanoiaSwitch property for "encoding" zero byte data and files (for whatever reason ...).
• Some file write bugs in TPGPEncode (affecting armoring, conventional encryption and detached signing), have been fixed.
• Evaluation of the recently introduced key usage and certificate capability properties has been fixed.

Version 4.8.0 - 14.07.2007

Main changes aside from various internal enhancements and fixes:

• Unit ASN1.pas has been renamed to ASN1Tools.pas (on special request ...).
• Exception handling has been enhanced for passing on Delphi's exception messages instead of Unknown ... error messages.
• Another key property has been added to TKeyPropsRec: kX509Key tells whether a key has any kind of X509 certificate at all.
• More certificate properties can be retrieved via TKeyPropsRec.kUserIDList: X509KeyUsage, X509CanEncrypt & X509CanSign.
• Corresponding properties have also been added to TX509CertPropsRec: x509KeyUsages, x509CanEncryptData & x509CanSignData.
• And TX509GetCertProps got the respective additional (Ring)CertFilter options: CertFilter_X509CanEncrypt & CertFilter_X509CanSign.

Version 4.7.0 - 16.03.2007

• The help file has been completely revised and converted from the old WinHelp format (which isn't supported by Windows Vista) to the not so old HtmlHelp format (which isn't supported by Delphi) ...
• The utility routines SetVersionString and GetPGPVersion have been substituted by the new TPGPPreferences properties VersionString (read / write) and PGPVersion (read-only).

Version 4.6.0 - 04.02.2007

This version provides PGP 9.5.x adjustments along with some enhancements and fixes:

• There's a new Charset property in TPGPEncode & TPGPDecode providing access to the charset information included with armored inline PGP data: For using the KeyEncrypt... and ClearSign... methods in non-MIME mode (i.e. plain text with Format_Armor and Format_Textmode enabled) Charset defaults to the local Windows charset. AnalyseMime... and DecodeMime... will return any charset information included.
• Signature information on verifying S/MIME messages now ensures to check certificate properties along with key properties for returning the proper states in sRevoked, sDisabled and sExpired.
• Decoding PGP/MIME or S/MIME messages now guarantees to always provide CRLF line breaks no matter what source is provided.
• PGP 9.5.x supports the advanced SHA-2 algorithms (SHA256, SHA384 and SHA512) for signing and verifying.
• Some utility functions in KeyPropTypes.pas have been fixed with regard to potential crash conditions.
• UTF8Sec.dll isn't required (and included) anymore for charset conversion in Delphi versions prior to 6.x.

Version 4.5.3 - 05.08.2006

This version mainly provides some more fixes:

• S/MIME message header generation has been fixed.
• Crashes with PGP's certificate selection dialog have been fixed.
• Some more certificate related issues including a PGP 6.5.x specific one have been fixed in KeyFuncs.pas.
• An endless loop condition in TPGPDecode's signature handling with keyserver lookup enabled has been fixed.
• The TUserIDs list type defined in KeyPropTypes.pas now provides the additional properties CertOwners and CertUserIDs.

Version 4.5.2 - 18.03.2006

This version only provides some fixes and adjustments:

• Signing data without using PGP's passphrase dialog in TPGPEncode shouldn't cause access violations anymore.
• CreateX509CertificateFromRequest in X509Funcs.pas now returns a CertPropsList instead of a CertPropsRec.
• GetKeySetByAnyID in KeyFuncs.pas doesn't try to process non-empty blank IDs (spaces, e.g.) anymore.
• PGP's dialog for certificate selection shouldn't occasionally hide in background anymore.

Version 4.5.1 - 01.02.2006

• Certificate selection now uses a certificate specific PGP dialog in some places.
• The key selection dialog for S/MIME encryption only shows certified keys in TPGPEncode.
• A SignCertUserName property has been added to TPGPEncode to ensure the proper signing certificate being used for S/MIME.
• Some internal changes have been applied to X509Funcs.pas and KeyFuncs.pas which required adding a new unit called ASN1.pas.
• The TUserIDs list type defined in KeyPropTypes.pas has been extended to provide X509Types and ChainValidities for certificates.
• Some new error codes have been added to pgpErrors.pas.
• More X509 related enhancements and fixes.

Version 4.5.0 - 25.12.2005

I finally managed to implement S/MIME support for PGP 8.1 (with SDK 3.2.x) and later which had some side effects (except for bug fixing):

• TPGPEncode's KeyEncrypt... and ClearSign... methods now take an additional SMime parameter overriding nearly all other options for generating properly formatted S/MIME messages; in due course I adjusted the MimeBodyOffset read-only property to return a string index instead of a (zero-based) PChar index.
• TPGPDecode got new AnalyseMime... and DecodeMime... methods added providing special handling of PGP/MIME and S/MIME messages to always result in properly formatted MIME messages ready for email-parsing. And the new KeyAddResult read-only property reports a separate error status of adding keys to keyrings while decoding data.
• TX509Export and TX509Import can now handle certificates including secret keys (PKCS #12) as well; for achieving this a passphrase handling had to be implemented - which led to some improvements with regard to passphrase handling for the other TX509... components as well. Certificate attributes are now UTF-8 encoded if required and the key property kX509Cert has an additional BadCert value.
• TX509GetCertProps can now populate a ComboBox and a ListBox with certificates via an Update method.
• TX509CertProp got a CertProp_OwnerUserID referring to x509OwnerCertUserID in TX509CertPropsRec.
• Prompts for PGP's dialogs (9.x) are now correctly converted to UTF-8.
• UTF8Sec.dll isn't required anymore when using Delphi 6 or later.

Version 4.2.1 - 11.10.2005

This version fixes two bugs in TPGPDecode:

• SecureMove caused an access violaton if FActualOutputSize was zero (an extremely rare event, though).
• FRecursivelyDecode caused FAnalysis to report a wrong data type instead of ENCRYPTED.

Version 4.2.0 - 28.08.2005

PGP 9 support has been added:

• The most relevant changes apply to handling preferences, see Preference Types.
• TSigPropsRec has a new member, see Signature Types.

Version 4.1.2 - 29.06.2005

• PGP.dpk has been added for installing the components into Delphi 2005.
• The cause for access violations in TPGPDecode has finally been fixed now.

Version 4.1.1 - 05.06.2005

• A memory leak has been fixed in TKeyPropsList.Move.
• A possible cause for access violations in TPGPDecode has been taken care of.

Version 4.1.0 - 13.02.2005

• The properties PassCacheSeconds and PassCacheShare have been added to TPGPPreferences, TPGPEncode and TPGPDecode to enable retrieving and setting the respective passphrase caching options when using the components with PGP 8.x. The new utility functions PassphraseCacheEmpty and PurgePassphraseCache may be used as well when working with PGP's internal caching mechanisms.

Version 4.0.1 - 27.10.2004

• Checking and restarting of the PGPsdkService (PGP 7.x / 8.x only) have been fixed, modified and enhanced.
• Error handling in TPGPDecode's data analysis has been slightly adjusted for special cases.

Version 4.0.0 - 02.10.2004

• Adds some new components called TX509... (and the respective key property for TKeyPropsRec: kX509Cert including the respective KeyProp_X509Cert) for creating, exporting, importing, verifying and examining X509 certificates with PGP versions since 7.x: Please carefully read the help pages about this, insufficient knowledge and handling might cause serious (keyring) problems!
• Checks whether the PGPsdkService (PGP 7.x / 8.x only) is running when initializing keyrings and tries to restart the service if required.
• Renames the TKeyPropsRec member kAlgorithm to kKeyAlgorithm and adds another one called kHashAlgorithm including the respective properties: KeyProp_Algorithm becomes KeyProp_KeyAlgorithm and KeyProp_HashAlgorithm is added.
• Renames TPGPDecode's OnGetAnalysis and OnGetSignature events to OnAnalysis and OnSignature.

Version 3.3.8.1 - 02.05.2004

• Enhances the key selection algorithm used for signing and / or EncryptToSelf in TPGPEncode if no valid SignKeyID is provided.
• Extends RecursivelyDecode in TPGPDecode to apply to encrypted messages containing PGP/MIME signed data as well.
• Checks for another fatal initialization error in pgpBase.pas: ieSDKInit indicates a missing PGP SDK service (and others).
• Fixes potential memory leaks in PrefFuncs.pas (GetPGPKeyIDString) and KeyFuncs.pas (GetFingerprintString).
• Contains a recompiled version of UTF8Sec.dll honouring the SILENT_FAILURE compiler switch as well.
• And finnally doesn't halt applications any more if you keep SILENT_FAILURE disabled.

Version 3.3.7.1 - 22.02.2004

• Applies the PGP 6.5.x bugfix in TPGPDecode to all data beginning with extended characters (ASCII > #127).
• Fixes a memory leak occuring in TPGPDecode's SignatureHandler when reusing the component.
• Fixes a potential memory leak in TKeyPropsList when adding (ignored) Duplicates to the list.

Version 3.3.7 - 07.12.2003

• Enhances handling of (very) large files in "file to file" mode with PGP 7.x / 8.x; with PGP 6.5.x you'll still need huge amounts of RAM (about two times the (input) file size) as it doesn't export a required function. This has a major impact on the handling of data marked as for your eyes only: If a file contains multiple lexical sections (e.g. multiple encrypted and / or unencrypted sections, a simple PGP/MIME message e.g. does already!) only the first one determines whether the decoded data will be written to file or only displayed via secure viewer; if you want to avoid any sensitive data ever being written to file you either shouldn't use PGPDecodeFile with FileOutput enabled or make sure to decode every lexical section separately!
• Fixes some more UTF8 related issues with passphrase handling for PGP 8 in TPGPKeysGenerate and TPGPSetKeyProps.
• Contains a slightly modified UTF8Sec.dll (version 1.1).

Version 3.3.6 - 14.09.2003

• Adds a new key property (flag): kCorrupt resp. KeyProp_Corrupt.
• Fixes reading PGP's path from the Registry.
• Contains some minor enhancements.
• "Beautifies" the whole code ...

Version 3.3.5 - 06.04.2003

• Adds UTF8 handling to the utility function ValidPassphrase.
• Fixes problems with verifying GnuPG signatures using subkeys (PGP 6.5.x doesn't support these).
• Removes the VersionString property from TPGPEncode (see Version 3.3.4 below: I was wrong when stating it didn't exist at all ...).

Version 3.3.4.1 - 16.03.2003

• Changed GetPGPVersion to return PGP's version from PGPcl's product version resource (more reliable).

Version 3.3.4 - 01.03.2003

• Some changes in TPGPDecode: The event OnAddKeys has been removed as it didn't provide any additional benefit over just setting QueryAddKeys and using PGP's key selection dialog to cancel. Instead you can now import pre-selected found keys without prompting users by leaving KeyDlgPrompt blank and setting IgnoreKnownKeys according to your preferences. Note that this will not automatically import keys retrieved from keyservers for verifying signatures, though.
• There's no VersionString property any more in TPGPKeyExport - which actually has never been there in TPGPEncode although described on its help pages. Instead you may now use the utility "function" (actually a procedure) SetVersionString.
• In TPGPKeyExport the dialog handling has been changed to act like in TPGPKeyImport: Using the dialog is only enabled when a KeyDlgPrompt string is provided.
• The new utility function GetPGPVersion returns PGP's version key name from the Registry.
• Fixes some more UTF8 related issues for PGP 8 in TPGPKeysGenerate and TPGPSetKeyProps.
• Fixes retrieving the default key's hex ID for IDs with a terminating zero with PGP versions 7 & 8.
• Fixes a memory related problem causing memory leaks and access violations with PGP 7 & 8.

Version 3.3.3.1 - 12.02.2003

• This one provides a very minor change: The original version 3.3.3 showed a delay when terminating Delphi and / or applications using the components, this one doesn't do this any more - although unloading all used libraries takes as long as before: It's only hidden from the user.

Version 3.3.3 - 06.02.2003

• Fixes a problem with UTF8Sec.dll which caused applications running within Delphi on NT, W2K or XP systems to crash on termination. It also adds a debugger check which now doesn't require you to enable the $DEBUG compiler switch in UTF8.pas anymore when launching your applications from within Delphi. Of course, this means running your application within ANY debugger will prevent it from using secure memory for processing passphrases!

Version 3.3.2 - 27.01.2003

• Adds UTF8 handling for PGP 8.x: To make the required conversion utilities available for Delphi versions prior to 6.x and ensure they are using secure memory when converting passphrases I have created the included library UTF8Sec.dll (sources removed). IMPORTANT NOTE: To properly install the components you need to move a copy of this library to a commonly accessible directory like ..\%WINDIR%\system(32) on your machine (this is usually accessible for all applications). If you encounter problems running your applications within the Delphi IDE enable the $DEBUG compiler switch in UTF8.pas (I' haven't seen any with D2, but with D6 I did). And don't forget to enclose another copy of the library with any distribution of an executable or library using these components!
• Fixes some memory leaks in TPGPKeysGenerate and PGPDialogs.pas;
• Adds a LogExpSignature string property to TPGPDecode;
• Adjusts the WipeFile function for PGP 7.x & 8.x;
• Contains some more version adjustments.

Version 3.3.1 - 01.01.2003

• Fixes a kPGPError_OutOfEntropy when generating keys with PGP 8;
• Issues an error when trying to decode or encode files larger than 4 GBytes;
• Returns kPGPError_PublicKeyNotFound if EncryptToSelf is enabled without a default key specified in PGP;
• Contains some other minor enhancements and fixes.

Version 3.3.0 - 15.12.2002

PGP 8 support has been added, which currently doesn't change a lot:

• TPGPDecode's types TSigStatus and TSigPropsRec have been extended to provide signature expiration values;
• TPGPEncode's sign (hash) algorithms now include SHA256, SHA384 and SHA512, although PGP 8.0 doesn't seem to have implemented them for data signing (that's why they haven't been enabled, yet);
• Other changes include a new key property called kLegacyKey and the (hopefully final) effort to get v4 key generation eventually fixed (main key usage signing and subkey usage encryption).

Version 3.2.6 - 30.11.2002

• The key size(s) returned for RSA v4 keys have been corrected to show both main and subkey sizes.
• Minor internal enhancements.

Version 3.2.5 - 24.10.2002

• All OnGetPassphrase events have been renamed to OnEnterPassphrase.
• MIME, Armor, EyesOnly and Textmode options are now used with conventional encryption as well.
• RSA (v4) format keys will correctly contain a main and a sub key, and RSASubKeyGenerate has been added.
• OnKeyGeneration now returns the key properties record of the (master) key containing the values selected by KeyProps_IDComplete.
• Several minor internal enhancements and fixes have been applied, and a compiler switch variable has been added for using the components with Delphi 7.

Version 3.2.4 - 11.08.2002

• Setting the default key preference has been fixed.
• A DecodeBuffer bug with binary PGP data has been fixed.
• The missing property ParentHandle has been added to TPGPKeyExport.
• The package now includes files (created by Jesse Reichler) for compiling the components into C++ Builder 5 & 6.

Version 3.2.3 - 06.07.2002

• An additional signature status has been added to the TSigStatus type for verifying signatures using TPGPDecode: SIGNED_UNKNOWN_ALG (for compatibility reasons).

Version 3.2.2 - 20.05.2002

• Another compiler switch called FORCE_LOCAL_EXEC has been added to pgpBase as for some reason PGP 7.x doesn't show the key generation progress properly anymore if kPGPFlags_ForceLocalExecution is omitted when initializing its libraries. Unfortunately using this flag results in a file locked error being returned when trying to access keyring files while PGPnet or PGPkeys are running simultaneously (see 3.2.1). So now you've got the choice ...
• Public key encryption with TPGPEncode now honours PGP's cipher algorithm preferences as set via PGPkeys.
• The cipher algorithm constant kPGPCipherAlgorithm_Blowfish used by GnuPG has been added to pgpPubTypes.

Version 3.2.1 - 07.04.2002

• A PGP 7.x initialization flag has been changed that now allows accessing the keyring files without closing PGPkeys or PGPnet.

Version 3.2.0 - 24.03.2002

Some internal enhancements and a new read-only property in TKeyPropsList called ValidProps which indicates the valid key properties for all records contained in the respective properties list as passed to the method retrieving that list. Furthermore some fixes:

• An internal error condition when compiling a project with range checking enabled ($R+) has been fixed.
• Some memory related issues in TPGPDecode (causing problems with Delphi 6) have been fixed.
• sCreaTimeNum in TSigPropsRec now correctly provides its time value in unix format.
• A bug when using a non-default SignKeyID with TPGPEncode has been fixed.

Version 3.1.9 - 10.03.2002

• Some inappropriate errors with sign key handling in TPGPEncode have been removed.

Version 3.1.8 - 02.03.2002

• Another internal modification and a fix of the passphrase handling in TPGPDecode which now correctly calls OnGetPassphrase repeatedly if a bad passphrase is provided. Furthermore a new AlgorithmFilter option has been added to retrieve RSA legacy keys only with TPGPGetKeyProps. Accordingly you can now create RSA V4 (PGP 7.x only) or legacy keys with TPGPKeysGenerate.RSAKeyGenerate.

Version 3.1.7 - 23.02.2002

• Some minor internal changes / additions and a more important one: OnGetPassphrase for TPGPEncode now provides passphrase checking for the selected signing key and passes the corresponding BadPassphrase parameter.

Version 3.1.6 - 01.02.2002

• Two bugs with verifying detached signatures via TPGPDecode have been fixed.

Version 3.1.5 - 30.01.2002

• A rather old bug in TPGPEncode causing access violations when using methods without signing and some more bugs in TPGPDecode and TPGPKeysGenerate when using OnGetPassphrase have been fixed.

Version 3.1.4 - 27.01.2002

• This version includes some more bug fixes regarding the TPGPSetKeyProps methods DoKeyPassChange and DoKeyRevoke and implements OnChangePassphrase resp. OnGetPassphrase events.
• The TMinPassLen and TMinPassQual types have been extended to include zero as the lowest value (applying to TPGPSetKeyProps and TPGPKeysGenerate): Please absolutely read the warning before using this feature!
• Another bug with the BadPassphrase parameter in OnGetPassphrase of TPGPDecode has been fixed.
• OnGetPassphrase of TPGPEncode now provides a Cancel parameter to interrupt the encoding process.
• And finally some internal enhancements have been implemented.

Version 3.1.3 - 20.01.2002

• Some internal enhancements, a bug fix in TPGPSetKeyProps (to correctly retrieve the 64bit hex IDs) and a new property for retrieving user ID dependent validities from user ID lists (see KeyPropStructs) have been implemented. You can now also turn off the internal initialization failure mechanism by enabling a compiler switch in pgpBase.pas.

Version 3.1.2 - 12.01.2002

Two changes / additions:

• If a component is owned by a Form the component's ParentHandle property (if any) will automatically be set to the form's handle, thus making any PGP dialogs act as modal windows on top of the owning form.
• A new method called SetCipherAlgPrefs has been added to TPGPKeysGenerate (including the necessary changes to pgpPubTypes.pas and pgpOptionList.pas), which provides the option of specifying a particular order of preferred cipher algorithms for newly created keys (please pay attention to the restrictions of this feature).

Version 3.1.1 - 30.12.2001

• A PGPFreeGroupSet bug (the PGP SDK doesn't check groups list pointers for nil like it usually does with pointers) causing an access violation when no groups file exists has been fixed.

Version 3.1.0 - 22.12.2001

Some more important changes have been applied with this version:

• The standard format of hex IDs has been extended to their 64bit representation (for more details see IDs. Especially if you've been using the KeyPropsList.Strings[Index] property you may have to change some of your code as it now provides the long version, whereas KeyPropsRec.kHexID still contains the 32bit string. Altough you may still use short hex IDs it is recommended to change for the longer ones. In case you need to abbreviate these (for displaying to users, e.g.) you may use the utility function GetShortHexID.
• Retrieving key property records of a key properties list has been simplified a lot (I really wish I had figured this out earlier ...): You can now simply use KeyPropsList.KeyProps[Index] like Strings[Index] or Objects[Index] with Delphi's [{Macro JumpKeyword(Delphi.hlp, TStringList):StringLists}] ([{Macro JumpKeyword(Delphi6.hlp, TStringList,):Delphi 6}]). This property is read-only.
• Access to PGP groups files has been implemented requiring a new unit called pgpGroups: If a groups file exists its groups are now displayed in the recipients dialog of TPGPEncode, and another property called GroupsList has been added to TKeyPropsList, which enables you to retrieve the groups' names, descriptions and hex IDs via TPGPGetKeyProps.GetGroupHexIDs.
• A bug in TPGPPreferences.DoSetPreferences with PGP 7.x has been fixed where the default key preference didn't get set properly.
• Further minor enhancements and fixes.

Version 3.0.4 - 19.11.2001

• A VersionString bug with PGP 6.5.x has been fixed.

Version 3.0.3 - 06.11.2001

• A new property has been added to TPGPEncode and PGPKeyExport: VersionString, which takes the version string generated with armored PGP data. If you don't assign your own string it will contain the standard PGP SDK version string (x.x.x is the respective version number):

  PGPsdk Version x.x.x (C) 1997-xxxx Network Associates, Inc.
  

  Assigning a string in one of the components will set it for the other one as well. NB: The string get's truncated if exceeding 255 chars, and long strings might cause decoding problems in special situations (email plugins might force quoted-printable encoding to wrap the long line if containing more than 76 chars, e.g.).

Version 3.0.2 - 25.10.2001

• A small fix now truely lists all known keys in PGP's decryption passphrase dialog, and a workaround for avoiding a strange kPGPError_BadIntegrity error when analysing certain PGP data has been implemented. It only occurs after skipping further processing of these data (seems to be related to using RSA V4 keys).
• Another bug has been fixed which didn't move the associated KeyPropsRec with a KeyPropsList item, and you don't get an error any more when trying to sign data without using PGP's signing passphrase dialog and no default key defined.
• TPGPEncode and TPGPDecode now return kPGPError_CantOpenFile instead of kPGPError_FileNotFound if no valid output file has been specified.

Version 3.0.1 - 13.10.2001

• Writing of keyring changes to disk and notifying about them (see Messages) with PGP 7 have been fixed, a key filtering bug regarding user IDs has been removed, and the components have been modified (see KeyPropTypes.pas) to work with Delphi 6, too.

Version 3.0.0 - 07.10.2001

• PGP 7 modifications now make the components work with both versions 6.5.x and 7.x: Due to the massive changes of keyring handling this unfortunately results in some very ugly coding which really makes it difficult to fully understand the source code without looking up each and every function declaration in the translated header units - but in general it works well except for some parts depending on the PGP client and support libraries (PGPcl and PGPsc) of which the sources aren't available any more. Other important changes in PGP 7.x are the availability of new cipher algorithms (AES and Twofish) and the capability of adding (DH) subkeys to RSA keys created with this version (so-called V4 keys). Some minor bugs have also been fixed.

Version 2.0.8 - 18.08.2001

• WipeFiles has been added as a new utility function and a warning to ReadMe.txt about problems with Delphi if PGP 6.5.x can not be found.

Version 2.0.7 - 04.08.2001

• Fixed a bug in TPGPDecode which discarded output if the last part of an encoded package didn't actually contain any raw data.
• Added Armor (for detached signing) resp. MIME (for clear signing) checkbox to the passphrase dialog in TPGPEncode and enabled keyboard shortcuts for the checkboxes in its key selection dialog.

Version 2.0.6 - 28.07.2001

• Some more possible Longbool problems have been fixed (sorry, see 2.0.5).
• The property EncryptToSelf has been added to TPGPEncode to switch the option of automatically including the signing (or default) key with public key encryption.

Version 2.0.5 - 22.07.2001

• Different handling of Longbools depending on the respective Delphi version led to some invalid error codes in TPGPDecode (OnGetAnalysis and OnGetPassphrase) with versions > 2.x.
• You can now use alternative keyrings instead of PGP's defaults by setting AltPubKeyring and AltPrivKeyring in TPGPPreferences.

Version 2.0.4 - 14.07.2001

• Change of the keyserver functions implementation and fix of a bug causing these to abort unexpectedly.
• Clear signing data didn't return with the correct SignKeyID after selecting a non-default signing key via the passphrase dialog.

Version 2.0.3 - 18.06.2001

More bug fixes:

• OnGetPassphrase in TPGPEncode didn't work with only a single signing key on the keyring.
• Error messages didn't get retrieved when OnFailure wasn't assigned.

Version 2.0.2 - 17.06.2001

• Some memory leaks in TPGPDecode have been fixed and another interface unit (pgpKeyServer) has been added.

Version 2.0.1 - 12.06.2001

A bug fix and another utility function have been added:

• DoKeyPassChange in TPGPSetKeyProps now correctly changes not only the master key's but also any subkey's passphrase on DH/DSS keys.
• The new ValidPassphrase function checks a passphrase against the key provided.
• Some error messages will now alert you about missing PGP libraries and the required version.

Version 2.0.0 - 04.06.2001

• This set of components now only supports PGP versions 6.5.x. The whole code has been completely rewritten to provide a direct interface to PGP, so their development doesn't rely on third party libraries any more. It gives more flexibility in using internal features of PGP and makes several jobs easier to do than before. In addition there are now standard dialogs available for all components, which is especially valuable for retrieving passphrases as they have several important security features. And a small bug has been fixed: Time stamps haven't been reported correctly (due to summertime / wintertime changes) when converted to local timezones. The most pronounced component changes are listed below, for more details see the respective parts of this help file:
• TPGPPreferences: The "old style" methods DoGetPreference / DoSetPreference have been removed, but single preferences can still be retrieved or set using DoGetPreferences / DoSetPreferences with the respective preference property set.
• TPGPKeyServer: This is a new component providing methods for retrieving keys from and sending keys to the default keyserver defined in PGP's Servers preferences. It also contains methods for retrieving and changing this default server preference entry.
• TPGPGetKeyProps: The methods DoGetKeyPropUserID, DoGetKeyPropSig, DoGetKeyPropRevokationKey, DoGetKeyPropADK have been removed, their main functionality being integrated into the new DoGetKeyProps method. DoGetKeyRingToFile has been completely abandoned. DoGetKeyProps and KeyIsOnRing can now both search for user or hex IDs and return the number of matching keys as result. As the KeyProps structures have changed again a couple of convenience methods have been added to retrieve key properties - and you may define key filters and key ordering before calling DoGetKeyProps or Update. Finally a new handling has been introduced for automatically updating the ID lists which even enables notification about changes applied by PGP itself.
• TPGPSetKeyProps: A new DoKeyRevoke method has been added.
• TPGPKeySign and TPGPKeySigRemove are not available any more (did anyone really use them?).
• TPGPKeysGenerate doesn't use a separate thread any more for showing progress as PGP itself provides an event giving status information about the generation process and enabling users to cancel it.
• TPGPKeyImport and TPGPKeyExport: Some minor changes have been applied to key selection and data handling.
• TPGPEncode: Besides integrating the DetachedSign functionality lots of changes have been applied making it easier to use the different encoding methods with a less complex property handling. And an OnShowProgress event has been added passing the bytes processed so far depending on the setting of a ProgressInterval property.
• TPGPDecode: Besides integrating the DetachedSigVerify and the Analyse functionality some properties have been added to provide more decoding options and cover all PGP-encoded data including keys. It now provides "for your eyes only" capabilities, can use PGP's signature logging window, and an OnShowProgress event has been added passing the bytes processed so far depending on the setting of a ProgressInterval property.

Version 1.3.2 - 04.10.2000

• Just added a missing key properties flag and its respective TKeyRec / TKeyProps entries: Expired.

Version 1.3.1 - 27.08.2000

• Important bug fix: Due to the PChar type casting of pchars returned by SPGP's functions your applications gathered lots of waste memory during execution which was only released when closing the application. This has been fixed now by adjusting the returned strings to their real length using the SetLength function.

  And another problem occuring in Delphi 5 (at least) has been solved: var ADKeyCount for the imported function spgpKeyPropADK and var RevKeyCount for the imported function spgpKeyPropRevocationKey had to be declared as Longint to prevent compiler errors.

Version 1.3.0 - 08.08.2000

New features available since SPGP version 2.5.0.0:

NB: The most important changes first, as some modifications have been applied which will affect applications you may have written using former versions. Steve Heller is introducing a new, more flexible and extensible way of setting options which can gain you a major improvement of performance. So far it has only been applied to the SPGP functions KeyRingID, GetKeyProps and two new functions, but it will be implemented for all applicable functions with his upcoming version 3. Using the components you will not have to deal with them directly, as they have been converted to option sets. If you still want or need to keep compatibility to former versions you may set the global flag CompatibilityMode to true.

Nevertheless there are some changes you may have to apply to your applications:

• Two record fields in TKeyRec and TSigRec have been renamed (still containing the same data, though).
• The property AllProps in TPGPKeyImport has been removed (set to true by default).
• The properties Trust and Validity have been removed from TPGPKeySign as they still are not implemented in SPGP.
• To all components using passphrases (except for TPGPSetKeyProps) a new OnWipePassphrase event has been added to retrieve the passphrase before it is wiped (which hasn't been done before).
• OnGetPass for DoKeyPassChange in TPGPSetKeyProps now additionally passes MinPassLen and MinPassQual.

The new features:

1. TPGPGetKeyProps

   has been modified to use the new flags feature. The Update method can now retrieve nearly all available information about a keyring's keys at once without having to call DoGetKeyProps for every single key, just by setting the desired options. DoGetKeyProps has accordingly been changed to only get the properties you have selected instead of providing a fixed list (like in compatibility mode).

   Some new utility functions have been added to retrieve these data without hassles - see KeyRec, KeyProps and ExtractKeyProps for changes. The new methods DoGetKeyPropADK and DoGetKeyPropRevokationKey (similar to DoGetKeyPropUserID) will provide more detailled information about sub-keys added to DH/DSS keys (no compatibility mode available).

2. TPGPreferences

   provides two new methods besides the old single parameter functions: Using the flag feature you can now choose which options to get or set at once without having to call a function for every single preference. And the last missing preference has been added: PGPPref_GroupsFile.

   Furthermore a new standard dialog has been added here: ShowPrefsDialog will show PGPkey's preferences dialog with the tab control page at its front that you select by setting the property PrefsPage (available for all PGP versions supported by SPGP).

3. And finally I've added the new TPGPKeysGenerate component, though Steve's reference still characterizes them "as experimental and subject to change": They provide four methods for creating RSA keys, DSA (sign-only) keys, DH (encrypt) sub-keys and the complete DH/DSS key pair at once. Please read the instructions carefully.
4. All components changing key rings or keys (TPGPKeysGenerate, TPGPKeyImport, TPGPSetKeyProps, TPGPreferences) now provide the property GetKeyProps which enables you to have your user ID and hex ID lists updated automatically.

Version 1.2.4 - 29.07.2000

• Only fixed two minor bugs in SPGP.PAS: Changed parameters ADKeyCount for function KeyPropADK to var ADKeyCount and RevKeyCount for function KeyPropRevocationKey to var RevKeyCount.

Version 1.2.3 - 30.06.2000

• This is just a maintenance release to keep compatibiliy with the latest SPGP version (2.5.0.0): Two function calls have been adjusted to make sure they work like before, and some new error codes have been added.

Version 1.2.2 - 11.04.2000

• Verifying signatures using TPGPDecode has been enabled.

Version 1.2.1 - 08.04.2000

• In SPGP version 2.4.1.0 the declaration of spgpSubKeyGenerate has been changed, which now is reflected in the respective function declaration in spgp.pas. Also Steve Heller has implemented support for gathering random user-input for spgpKeyGenerate with PGP 5.5.x (remember both these functions are still declared as experimental by Steve and neither supported by any of these components nor their author).
• Additionally I've (re-)implemented alphabetical sorting of the list of public keys, as it is not provided by the latest versions of SPGP any more.

Version 1.2. - 28.02.2000

1. With SPGP version 2.4.0.0 the following changes / additional features are available:
2. TPGPEncode: The DoEncode method (by default) has been restricted to doing textmode / armored encoding only, as binary encoding wouldn't work properly (you cannot pass binary data as strings).
3. TPGPEncode: The DoEncodeFile method now attaches .pgp to FileIn's name if you don't provide FileOut.
4. TPGPDetachedSigCreate: The DoSigCreate method now attaches .sig to FileIn's name instead of changing its extension if you don't provide FileOut.
5. TPGPSetKeyProps: The DoKeyPassChange method now provides setting and checking of minimum length and quality.
6. The OnGetSignKeyPass, OnGetPassphrase and OnGetPass events in TPGPEncode, TPGPDecode, TPGPDetachedSigCreate and TPGPSetKeyProps now verify that you select a private key and provide a KeyProps record for showing detailed information to the user about the key that the passphrase is required for.
7. Cancelling the passphrase dialogs will now return properly without keeping the last passphrase entered.
8. The default PGP dialogs (only with PGP versions 6.x) are now available for the following methods:
9. • DoEncode / DoEncodeFile (TPGPEncode)
   • DoDecode / DoDecodeFile (TPGPDecode)
   • DoSigCreate (TPGPDeatchedSigCreate)
   • DoKeyPassChange (TPGPSetKeyProps)
10. To enable using these dialogs just set the new property StandardDlg of the appropriate components to true. Another new property coming along with this feature is ParentHandle, which allows you make PGP's dialogs act as child windows of your application's windows (forms): It takes the handle of the intended parent window.
11. A PGP6X function has been added to determine whether the previous mentioned standard dialogs are available on the respective computer. It is called implicitely on execution of these methods.
12. Another unit providing the PGP error constants has been added.
13. A direct link to Steve Heller's function reference has been added to the help file's References page.
14. Some more functions (e.g. key generation) are available through the spgp.pas wrapper but currently not included in these components and not supported by the author (see Steve Heller's function reference).

Version 1.1 - 16.11.1999

• With SPGP version 2.2.3.3 (that now fully supports PGP 6.5.1, there was a problem with the preference methods) a new SetKeyProps method has been implemented: KeyRemove, which removes a public key from the default keyring. Also the preference methods now support getting and setting the default key ID and have been completed to make this feature accessible.