学习使用GPG来加解密、签名文件或邮件+mailvelope
date
Feb 8, 2022
slug
learn-gpg
status
Published
summary
小技巧
tags
tip
type
Post
URL
Problem & SummarySoltion生成加解密签名同时签名和加密上传公钥服务器 - 但并没有必要 - Export & Importhttps://mailvelope.com 插件配合Gmail可以直接加密或者解密textMac GUI - gpg-suite https://gpgtools.org/Some Public Keys
Problem & Summary
- sender的人用receiver-public-key来加密; receiver-private-key来解密
- sender用sender-private-key来签名;receiver用sender-public-key来验证签名
Soltion
生成
# 安装
brew install gnupg
# 生成完整证书
gpg --full-generate-key
# 使用 gpg -k 查看是否有证书
gpg -k
gpg --list-secret-keys --keyid-format LONG
# 输入对应的uid 或email #--output public-key.txt 来输出public-key到文件
gpg --armor --export 5951F72173704D
gpg --armor --export xxx@nine.im
加解密
# 加密
gpg --recipient <gpg_key_id_or_email> --output demo.en.txt --encrypt demo.txt
# 解密
### –output 参数需要放前面。如果未将私钥的密码保存到钥匙串,这里会弹出输入密码窗口
gpg --output <output_file_name> --decrypt <input_file_name>
### 允许省略decrypt参数 解密后的文件内容直接显示在标准输出
gpg demo.en.txt
签名
# .gpg文件,这就是签名后的文件。这个文件默认采用二进制储存
gpg --sign demo.txt
# 生成demo.txt.asc文件,后缀名asc表示该文件是ASCII码形式的
### sign并不会将文件加密 - 目的是根据文件内容+private生成一段signature
gpg --clearsign demo.txt
同时签名和加密
# armor参数表示采用ASCII码形式显示,sign参数表示需要签名,encrypt参数表示指定源文件
gpg --local-user [发信者ID] --recipient [接收者ID] --armor --sign --encrypt demo.txt
# recipient拿到后直接;同时验证发行者的签名是否为真
gpg --decrypt demo.txt.asc
上传公钥服务器 - 但并没有必要 - Export & Import
gpg --send-keys [用户ID] --keyserver hkp://subkeys.pgp.net
gpg --fingerprint [用户ID]
gpg --list-secret-keys
# export in plain text
gpg --export-secret-keys -a [key-ID]
# export in passpord protected text
gpg --export-secret-keys [key-ID] > tbh9527.privatekey.asc
# 导入其他人的密钥
gpg --import [密钥文件]
# 或者到公钥服务器上寻找
gpg --keyserver hkp://subkeys.pgp.net --search-keys [用户ID]
https://mailvelope.com 插件配合Gmail
可以直接加密或者解密text
Mac GUI - gpg-suite https://gpgtools.org/
brew install --cask gpg-suite
Some Public Keys
kxultra at ~ ❯ gpg --armor --export tbh9527@riseup.net
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZaZz+xYJKwYBBAHaRw8BAQdAfdO0KkTJVUlU4jeRFjvcqboJclRlASqUfssD
K3OG2Ei0HHRiaDk1MjcgPHRiaDk1MjdAcmlzZXVwLm5ldD6IkwQTFgoAOxYhBBai
8dnvs1PbrdFYsEF3NRSorocnBQJlpnP7AhsDBQsJCAcCAiICBhUKCQgLAgQWAgMB
Ah4HAheAAAoJEEF3NRSorocnORkA/3cL4ExkksR/VQXG8b00JcBM1lgPtIv4UZlT
DdccozmpAP97vyPI+lmCiYX7tZyhUhRfel0cXxfGEO41SJBIBBr8ALg4BGWmc/sS
CisGAQQBl1UBBQEBB0DEjSboqN7tEtxhtTODCuCPUMgqoVaNl9FfdhXAsKj4KwMB
CAeIeAQYFgoAIBYhBBai8dnvs1PbrdFYsEF3NRSorocnBQJlpnP7AhsMAAoJEEF3
NRSorocniNQBALTVDJrkSUCHxYPpipkPNL3zwGYiTs8sXahd6DC2SgNLAP46ZeKQ
Vn1gOrXLWITcJV7OzUs4ldNMriCpOGoVhmO3CQ==
=Nre8
-----END PGP PUBLIC KEY BLOCK-----
kxultra at ~ ❯ gpg --armor --export lastlavalake@gmail.com
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGICgOMBEAC57kmST3NBhEht0mJydyF+KJ9vbTjxMLsFEu2vONZuYKZeDQtr
KveNfjCBdEicI6GR+rKOldAtI9xFHtkg+1lhXaaF7ajHCfH04CLT7slgr+dYkuvQ
HAoAlGEatsigdPs3Z8AaaypJacwfnE9vO3VQ0dPcPl8BkhCwCy/ApEVmUJIQ9vA/
rdzniLv0Oa748sHnK7wpS35w8yzZkMh+gNubj/X2XDtEb+aPX+UyeONrs5ti4ioL
R28ZRp8ZVqvOf3lBc7MoaXRTdoffNjgFGCGUFE5KFf3Gn7qHxrr6FlhQRU0S19c4
EcbWyWK9Y4FUGotZ+RlcS358Uki71xkeLq6tNtHSM+5Z8p38/vVcEl+nj/WA388r
TPYzBkrhh53RUa9NkRhMM9i3nbdL0CzjxTYYQ4Kt29TiTgw/20udrfV2DqBbNToe
bAz3LrJd77ClXf6H7rI+YgnWFHswoQilVzZf5pGyWJefiPd7B7TbiHY48elWcXjT
sivUbBjQ6dutlvFcRZVDSwU1emaIyBe1LqNb39+mkx8vUfsipc0f7Pd0nEIKJmYD
x/N1zk4T1iNgPcZZ2r9IVO7vEVU1Vm1iJKAMJB35QRaoHRXhf6ucf+TTnl/4EHEX
h/BVhPccNExQrO4QD4RdF4yaSNoapmtK13knVNAJifJxfa/3aYJGBhArgQARAQAB
tCJMYXZhIExha2UgPGxhc3RsYXZhbGFrZUBnbWFpbC5jb20+iQI1BBABCAAfBQJi
AoDjBgsJBwgDAgQVCAoCAxYCAQIZAQIbAwIeAQAKCRDBHxfvy8vhaedsD/4t2JPo
qkRjsl9wAE604TiLxYud2BVVu0P1JCxvmFuSw+moj6crle+gME76XSH/dtVtrzaS
XVcwAPLzfKAkVbvIiZVay5jZ1GGSJsd7VuLaPY6Hk7n1AggTDFcC8aZww1agUYJC
ahf1b+vDhvvUIbsmql/RGKygAtjGY74m0GaztSsLZopSeOH56cOJNcZo+NFnuWeY
q46hGewDlNrnUi7gTyHffkynush3EmUTuTwWXXs92PRbctpxGfjQybceFBtCTGGd
MR430O7ZCYPhicPA32Uk0NUg7o8lATccI9TUmS9W1OrPE+2uZKYH8nQHe65BYvex
O9MJdYuuZUkmGkBHFrC8BLi5eT1AL++4SwUqJFJxxONPLKKJc/rWAQb4+pU7ofV8
JbY2ygrx+Q9tcGtQToeDzcl7mAHuTwbFy0hkWCg2K8ICeJKVYSjQ3p+vmp4A9WaM
EjTEzEM8RRjTpnjH9pBvhxO+60qzwB8LxLEMNg0dijUeqX3gYAZtrJZeB1hp1K+Z
Uk88tn4LHG1aRiJrIYar4dDx9VG6SGx2gT2hJMov+nvJ6goTN+fX5pkVMXX4U6NN
j4Kte1Bfea+gmxMbuQlddYuYzmT34TehSdZZQ1D32pDRtko9RoIhIWxm9MeuolmP
qKk4+6tB7g4JOVogBIU08gNRYN5eUhSjIYnKeLkCDQRiAoDjARAAuJU0JFz9AmQ+
OsFtvMsqO7mnWjP3rdUKKemVGnaB4ZJT91u7u0XCBoLbJY/LYU5AGmCdKx7zJ3wh
3yWbg52+PZ5RRG3KiUWq4NAObjYxltoQLBCRhA945URIYNIKa+D6nqBa01ynJjms
7ueYR4sfjOr3Of/4O84CrABvUzcmXrf+aMCwJyTFCsjKLzZ2ZUUZicgNyxS8aNKP
R/YnHXU2zT/DJng3gmNDm1D0MDMCoDB3E/xsI3yD7QSYziHk6o10gwuzSFoWtsfL
tQLilo8NVMeMEMseoqI9J9v4wFYm7JamNgYHfC3JB3fLGFvRIjF9D9FES5dSntZl
Al/fFd4rALAWm9j1RpmsBIEY21hbfN5Yb9oxAX0rnnAbSE9ZAKBGJHD9TWwkiq2W
sOZ3Xg4gsQBS+4P3tCLpDGhNqXh7/5eXYT8BwgII6x1fbRog0vClnJqCYRHQ0cK1
Lqk6s3C3oEGbfygBsBtGSM2otGJFOX0flkMZn9Mvfz9vjxSQETVd4xhRjqDVkcEG
0rDPeOrngYUf0xPxvTdiUKosGoF5BVSQGpNdQog9+3Ioz5amg4Pxq38SReJ5tcbf
Az3FSLmaLhptT8tZbck0lv3P0zejudGYj+VUa+XMp01cIeT/LMilhHXTXZNZS4u+
PyGwpahVNKWaZiomvg+cofrsvzx13rcAEQEAAYkCHwQYAQgACQUCYgKA4wIbDAAK
CRDBHxfvy8vhaWROD/9mFo4IKpUi8eSdGtetLSqjnSmswSziICJpwVS7be08fflR
VsL3Af3MkjC0rT3HK5rZqM80GKZSeXIwrd9ao9csGBwEOnvtaAQk5X013riBQN3x
03NGOqckUnmbyFGdY4FfMr+iyGh/nVtyB2U6+g3EUJzliac7T0ECreXZXHYtOwnf
t+ypledeo8BzMwsh79CgcqfttTyyRK+JzH4QYytm/XmaW8rRH7FbKSVlpld6CgM0
O0TPioQyxysBeAK9F9cm1UZcBWjlkqtlT/s619c0ETcLFe9yLeSevwcGigxt/hP9
WYtdqDmDejue6u40zf0UIqMxMhQk8KJqiUOBf8oNwveBaEFMnyENlHnmsP+Q7Jjz
Kywur5nug1+ugIhNju5EBbCE+uS9f3SqJHEmQzB5bcZb64h/YcB9dNBOtly1moMq
SS5zaZEKZdx9LPlWUnOR30uyiTUepXFUFGfg5d5AtZNHLlfJQSrKem4ngcahhk0t
48H2QIq7I4Q6IPpW5s+a3ygirql/6yD3c3yYZcN/Vj6oVFL37aEqxqL7tWRCBXVN
v9LyefSn7T7dOa97EkpewIyklGzNZta8TBJtRONmwHJJHGnhSqS9Nv3JcRGUsQLJ
ZhLCfh02o5k/e0E+6MzsUEx3QZ/0oLuFrqFWU3KwysQBsuk50ObLU2Wioq2XZA==
=HKCO
-----END PGP PUBLIC KEY BLOCK-----