PGP Flow | Installation |Command |SDK
Intro
PGP (Pretty Good Privacy) - Wikipedia
GPG / GnuPG (GNU Privacy Guard) Wikipedia
PGP - yidas/web-service-principles GitHub
Flow
安裝 Installation
Linux Ubuntu
$ sudo apt-get install gnupg
MacOS with brew
$ brew install gnupg
Commands
產生金鑰 - Generate public/private key
$ gpg --gen-key
完整產生金鑰選項:
gpg --full-generate-key
,含algorithm, key length, expired time
其中,Username
與passphrase
為必要。
列出金鑰 - List keys
list keys (Public keys): -k, --list-keys
$ gpg -k
/Users/user/.gnupg/pubring.kbx
-----------------------------------
pub rsa4096 2022-03-17 [SC]
FF109AE3F8E4A67130647BD887C3B247FDB83745
uid [ultimate] Test Key
sub rsa4096 2022-03-17 [E]
pub rsa3072 2022-03-17 [SC] [expires: 2023-03-17]
1DBB24F86AF46DC56793606C25BA88AD42AE2F73
uid [ultimate] Test Expiration
sub rsa3072 2022-03-17 [E] [expires: 2023-03-17]
list secret keys: -K, --list-secret-keys
$ gpg -K
/Users/user/.gnupg/pubring.kbx
-----------------------------------
sec rsa3072 2022-03-17 [SC] [expires: 2023-03-17]
1DBB24F86AF46DC56793606C25BA88AD42AE2F73
uid [ultimate] Test Expiration <test-expiration@email.com>
ssb rsa3072 2022-03-17 [E] [expires: 2023-03-17]
加密 - Encryption
$ gpg -ear {Key-Name} < plain.txt > plain.txt.asc
其中
-a
為輸出ASCII Armor格式,-r
為指定Key的USER-ID
解密 - Decryption
$gpg -d < plain.txt.asc > plain.txt
密文裡包含Key資訊,不需額外指定Private Key
匯出金鑰 - Export
匯出Public Key:
$ gpg --export -a "{User-ID}" > public-key.asc
匯出Private Key:
$ gpg --export-secret-key -a "{User-ID}" > private-key.asc
匯入金鑰 - Import
$ gpg --import key.asc
刪除金鑰 - Delete
刪除Public Key:
$ gpg --delete-keys "{User-ID}"
刪除Private Key:
$ gpg --delete-secret-keys "{User-ID}"
格式轉換 - Armor
將Binary
包裝轉成PGP ASCII armor
:
$ gpg --enarmor < filename.gpg > filename.asc
將PGP ASCII armor
解包轉回Binary
:
$ gpg --dearmor < filename.asc > filename.gpg