[PGP] GPG 指令指南 – GPG Commands

PGP Flow | Installation |Command |SDK

Intro

PGP (Pretty Good Privacy) - Wikipedia

OpenPGP - PGP - Wikipedia

GPG / GnuPG (GNU Privacy Guard) Wikipedia

GPG Software Download

PGP - yidas/web-service-principles GitHub

Flow

Flow


安裝 Installation

Linux Ubuntu

$ sudo apt-get install gnupg

MacOS with brew

$ brew install gnupg

Commands

產生金鑰 - Generate public/private key

$ gpg --gen-key

完整產生金鑰選項:gpg --full-generate-key,含algorithm, key length, expired time

其中,Usernamepassphrase為必要。

列出金鑰 - List keys

list keys (Public keys): -k, --list-keys

$ gpg -k
/Users/user/.gnupg/pubring.kbx
-----------------------------------
pub   rsa4096 2022-03-17 [SC]
         FF109AE3F8E4A67130647BD887C3B247FDB83745
uid    [ultimate] Test Key 
sub   rsa4096 2022-03-17 [E]

pub   rsa3072 2022-03-17 [SC] [expires: 2023-03-17]
         1DBB24F86AF46DC56793606C25BA88AD42AE2F73
uid    [ultimate] Test Expiration 
sub   rsa3072 2022-03-17 [E] [expires: 2023-03-17]

list secret keys: -K, --list-secret-keys

$ gpg -K
/Users/user/.gnupg/pubring.kbx
-----------------------------------
sec   rsa3072 2022-03-17 [SC] [expires: 2023-03-17]
       1DBB24F86AF46DC56793606C25BA88AD42AE2F73
uid   [ultimate] Test Expiration <test-expiration@email.com>
ssb   rsa3072 2022-03-17 [E] [expires: 2023-03-17]

加密 - Encryption

$ gpg -ear {Key-Name}  < plain.txt > plain.txt.asc

其中-a為輸出ASCII Armor格式,-r為指定Key的USER-ID

解密 - Decryption

$gpg -d < plain.txt.asc > plain.txt

密文裡包含Key資訊,不需額外指定Private Key

匯出金鑰 - Export

匯出Public Key:

$ gpg --export -a "{User-ID}" > public-key.asc

匯出Private Key:

$ gpg --export-secret-key -a "{User-ID}" > private-key.asc

匯入金鑰 - Import

$ gpg --import key.asc

刪除金鑰 - Delete

刪除Public Key:

$ gpg --delete-keys "{User-ID}"

刪除Private Key:

$ gpg --delete-secret-keys "{User-ID}"

格式轉換 - Armor

Binary包裝轉成PGP ASCII armor:

$ gpg --enarmor < filename.gpg > filename.asc

PGP ASCII armor解包轉回Binary:

$ gpg --dearmor < filename.asc > filename.gpg

SDK 開發套件

JAVA

PHP

Python

Leave a Reply

Your email address will not be published. Required fields are marked *