diff options
| author | saturneric <[email protected]> | 2024-04-05 14:01:30 +0000 |
|---|---|---|
| committer | saturneric <[email protected]> | 2024-04-05 14:01:30 +0000 |
| commit | 0dbba9d72ae16c3f3de812944d2302126b1413af (patch) | |
| tree | 2d8285265acb0de16cbac5fd352ed34fd04c3184 | |
| parent | fix: could not determine the path to the executable based on the desktop file (diff) | |
| download | GpgFrontend-0dbba9d72ae16c3f3de812944d2302126b1413af.tar.gz GpgFrontend-0dbba9d72ae16c3f3de812944d2302126b1413af.zip | |
docs: move manual out of repo
34 files changed, 0 insertions, 2724 deletions
diff --git a/manual/.nojekyll b/manual/.nojekyll deleted file mode 100644 index e69de29b..00000000 --- a/manual/.nojekyll +++ /dev/null diff --git a/manual/CNAME b/manual/CNAME deleted file mode 100644 index df655f46..00000000 --- a/manual/CNAME +++ /dev/null @@ -1 +0,0 @@ -gpgfrontend.bktus.com
\ No newline at end of file diff --git a/manual/_coverpage.md b/manual/_coverpage.md deleted file mode 100644 index 9c8e8afd..00000000 --- a/manual/_coverpage.md +++ /dev/null @@ -1,26 +0,0 @@ -<img width="256" height="256" align="center" src="https://image.cdn.bktus.com/i/2024/02/24/f3f2f26a-96b4-65eb-960f-7ac3397a0a40.webp" alt="GpgFropntend"/> - -- **A Free, Easy-to-Use, Cross-Platform [OpenPGP](https://www.openpgp.org/) Crypto Tool.** -- **One of the excellent GUI Frontends for Modern [GnuPG](https://gnupg.org/).** - ---- - -## Brief Introduction - -- Rapidly encrypt files or text. -- Digitally sign your files or text with ease. -- Conveniently manage all your GPG keys on your device. -- Transfer all your GPG keys between devices safely and effortlessly. - -## Features - -- Cross-Platform, can run on **Windows, Linux and macOS**. -- Open source, Installation-free and Free forever. - -[Downloads](downloads.md) -[Manual](overview.md) -[Document](https://doxygen.gpgfrontend.bktus.com) - -<!-- Background Color --> - - diff --git a/manual/_media/icon.svg b/manual/_media/icon.svg deleted file mode 100644 index 67375a64..00000000 --- a/manual/_media/icon.svg +++ /dev/null @@ -1 +0,0 @@ -<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg t="1641046753295" class="icon" viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="732" width="64" height="64" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><style type="text/css"></style></defs><path d="M763.52 968.96H261.248C147.2 968.96 54.784 876.544 54.784 762.496V260.224C54.784 146.176 147.2 53.76 261.248 53.76h502.272c114.048 0 206.464 92.416 206.464 206.464v502.272c0 114.048-92.416 206.464-206.464 206.464z" fill="#89898E" p-id="733"></path><path d="M671.36 365.44c0-88.576-72.32-160.128-161.536-158.976-81.024 1.152-150.656 66.688-156.288 147.456-5.504 79.104 46.336 146.56 118.016 165.12h0.128v224.128c0 5.12 1.92 9.984 5.376 13.824l45.568 49.92c4.48 4.992 12.288 4.992 16.768 0l65.664-71.68c4.608-4.992 4.352-12.672-0.384-17.408l-33.536-33.536c-5.248-5.248-5.248-13.952 0-19.2l36.096-36.096c7.04-7.04 7.04-18.304 0-25.216l-43.392-43.392c-4.224-4.224-6.528-9.856-6.528-15.744v-26.368c65.92-19.328 114.048-80.384 114.048-152.832zM512.256 294.4c22.528 0 40.832 18.176 40.832 40.576 0 22.528-18.304 40.576-40.832 40.576-22.272 0-40.576-18.176-40.576-40.576 0-22.528 18.304-40.576 40.576-40.576z" fill="#FFFFFF" p-id="734"></path></svg>
\ No newline at end of file diff --git a/manual/_media/trademark.png b/manual/_media/trademark.png Binary files differdeleted file mode 100644 index 7e9841be..00000000 --- a/manual/_media/trademark.png +++ /dev/null diff --git a/manual/_navbar.md b/manual/_navbar.md deleted file mode 100644 index 6e3c6962..00000000 --- a/manual/_navbar.md +++ /dev/null @@ -1,7 +0,0 @@ -<!-- _navbar.md --> - -- [Source Code](https://github.com/saturneric/GpgFrontend) -- [Document](https://doxygen.gpgfrontend.bktus.com) -- [Manual](overview.md) -- [Downloads](downloads.md) -- [Contract](contract.md) diff --git a/manual/_redirects b/manual/_redirects deleted file mode 100644 index f8243379..00000000 --- a/manual/_redirects +++ /dev/null @@ -1 +0,0 @@ -/* /index.html 200
\ No newline at end of file diff --git a/manual/_sidebar.md b/manual/_sidebar.md deleted file mode 100644 index 89a4f1e8..00000000 --- a/manual/_sidebar.md +++ /dev/null @@ -1,30 +0,0 @@ -- Getting Start - - [Overview](overview.md) - - [Quick Start](quick-start.md) - - [Downloads](downloads.md) - - [Concepts for Beginners](basic-concepts.md) -- Basic Guides - - [Understand Interface](basic/understand-interface.md) - - [Encrypt & Decrypt Text](basic/encrypt-decrypt-text.md) - - [Symmetric Encrypt & Decrypt](basic/symmetric-encrypt-decrypt.md) - - [Sign & Verify Text](basic/sign-verify-text.md) - - [Encrypt & Decrypt File](basic/encrypt-decrypt-file.md) - - [Sign & Verify File](basic/sign-verify-file.md) - - [Generate Key Pair & Subkey](basic/generate-key.md) - - [View Key Pair Details](basic/view-keypair-info.md) - - [Import & Export Key Pair](basic/import-export-key-pair.md) - - [Key Server Operations](basic/key-server-operations.md) - - [System Requirement](basic/system-requirement.md) -- Features Guides - - [Introduce](features/introduce.md) - - [Sync ALL Public Key](features/sync-all-public-keys.md) - - [Export As Key Package](features/key-package.md) -- Contributions - - [Contribute to Translate](contribute/translate-interface.md) - - [Contribute to Development](contribute/contribute.md) - - [Setting Up Development Environment](contribute/setup-dev-env.md) -- About - - [FAQ](faq.md) - - [Code & Binary Verify](about/code-binary-verify.md) - - [Contact Information](contract.md) - - [Dependencies](manual/dependencies.md) diff --git a/manual/about/code-binary-verify.md b/manual/about/code-binary-verify.md deleted file mode 100644 index 0bd42b88..00000000 --- a/manual/about/code-binary-verify.md +++ /dev/null @@ -1,158 +0,0 @@ -# Code & Binary Verify - -To enhance the security and integrity of software distribution, it's crucial for -developers and users alike to employ methods for verifying the authenticity and -integrity of code and executable files. The process outlined below aims to -fortify trust in software distribution by leveraging digital signatures and -secure, automated build processes. - -### Automated Build Process - -Our software leverages **GitHub Actions** for automated compilations, ensuring -that every binary file version released is directly compiled from the source -code stored in the GitHub repository's main branch. This approach guarantees -that the compilation process is transparent, replicable, and free from manual -interference. The exact commands and environment configurations used during the -compilation are documented within the project's `.github/workflow/release.yml` -file, allowing for full accountability and reproducibility. - -### Third-Party Library Assurance - -To uphold our commitment to security, we do not include GnuPG in our major -releases and strictly avoid insecure or proprietary third-party libraries. -Instead, we only utilize third-party libraries that are open-source and have -been compiled from publicly accessible code repositories. This practice ensures -that our software remains secure and trustworthy. - -### Code Verification - -We encourage users to review our code to ensure its integrity and security. The -code for all releases is available on our GitHub repository. For any inquiries -or concerns, please feel free to contact us directly. Most new git commits are -signed with a designated key, which is also used for Git operations: `Saturneric -<[email protected]>`. This commitment to transparency allows users to verify the -authenticity of our code easily. - -#### Key Fingerprint - -``` -E3379489C39B7270E70E2E303AAF1C64137CEE57 -``` - -### Binary File Verification - -From version 1.0.5 onwards, we sign our packages containing the binary -executable files with a GPG key to further ensure security. Each package is -accompanied by a signature file in the release section (with a `.sig` suffix), -allowing users to verify the package before use using standard GPG tools. - -#### About Interface Verification - -Our software includes an "About" interface accessible from the help menu, -providing users with information about the software version, platform, and the -specific GitHub repository branch and commit hash used for compiling the binary. -This feature adds an extra layer of transparency and verification for users. - -### Public Key for Verification - -Below is the public key used for signing the commits and binary files, which can -be used to verify the authenticity of our releases: - -#### Key Fingerprint - -``` -E3379489C39B7270E70E2E303AAF1C64137CEE57 -``` - -#### Public Key (OpenPGP) - -``` ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQGNBGCVnvEBDACuEcjxckb4rocHGU7VPT/OOOOZapNG/0ViB3XhmzNh7q8QJiq6 -M4z0fpC5sf1pHXbbKtehLETrAUTFuaEp19askZI0ISoz5+qKGZuaM3bDZWBjwUpt -woVgUphfeZy2DFsnmTtVj9CRU9Nma6smXVFud3Roj2ImZ0NFrkdETvprfLJ7jqk/ -mXgznNbbJdqmQ4l0I1E91VmrqHHHSakh3grzRDj/GuDookQl2JZfLA0J55qOYdkF -5mmnqbYURGVcP2oot/wSrrWH0F/WatwRx9w+jZjrJWgKjJoqWwvzG8WGop1XkRn1 -Ea3Nzj/KsSL7C5YRu03BL7wNu6UNIJ/zsAnNLp87nCY85w+HnNGHkL3QcnqNQbQP -3aySOkIjXdT8AlGIV5r5wO/RBg4e+xASGzQXx9lYbjJiiIOP2uLxYGGFbalDoiCa -sonlXzMZTJrK7VvZ2UsnSnBJ8l/EPsY/AeZdWbmswQaFsJlfNsZZ6T5Rfyjtu8a3 -fwPJTTsbfIB6N3EAEQEAAbQbU2F0dXJuZXJpYyA8ZXJpY0Bia3R1cy5jb20+iQHO -BBMBCAA4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE4zeUicObcnDnDi4w -Oq8cZBN87lcFAmCWg1kACgkQOq8cZBN87leJfQv/ShjV9PRi8ixlJ1Ez1TDG+4N9 -EHoi2IwVK1UF51kA9lxyD+8n1ZHpcz7bRXV+YhHAO4A2l1ENrkCJVIZK9OO+Z64l -TPKCV9JVSkxcpnr6sqKJ76Zplwah1ZkwAG9tdK9H95wgeIkO4oSRutX/cCJ35Gko -FfhbV+/OyPYTT2562SZeQ2VqnptGLm0eF+FVt0HP4uxvRyGfgHQD46Ki6dr/JOXQ -j57S06CIHGj1RT4uQVSx53gbFvfIgweHsWraRWwY8jMrgOazlo/KRHG4N04eQdzM -K+WA80ODKuXdhnlGFMhn3RCFZpRV+Upso9syJ1FFChzsuX69+mRPvAojEDnREgd9 -s61nx5xWy6vKMB9oZiomNuPw2EScBwS9EK0M6APqgBaIdL6HOC7kjxBLfqgyhulD -qGZXWNvFj5P2FNMVwSvK1cYftYz+QWqB5BhbJT2H/HpF2xNsH7jfTxwUp6KrN1Bz -geNWgpQDXS5ZXU7dk22BwSah3nXs+LJi3Sloeh/piQHUBBMBCAA+FiEE4zeUicOb -cnDnDi4wOq8cZBN87lcFAmCVnvECGwMFCQPC1M8FCwkIBwIGFQoJCAsCBBYCAwEC -HgECF4AACgkQOq8cZBN87le3zAv/fMnxVMORS5rz/vsc0X8YSldmM1MqdIKSNghK -nQKKnzTBtTKA/oHEyPhjnQRaCfi4eUGeUsdZq8fwbN6sWSmbhJ6cOVgIps9YcS/U -sCV4egUHGy/+ozgDSh563v82ROWxXjszcnFz0F2d4stgroe8A//3OgQDv1wuhMJe -vtSZe8W8ebj7mt0zNjccGQzNkWo82mOyZfjgvK//vWisW4JwP8gfEKBgAktj5MCY -iGS2NbWPAToDIPCA6hKPb3sHQIY2/tGkKwyvr4oxwYRkNq4T5PWcV0p3qRsQudHp -ZXGiL3VNIW04ihLcn8uxSE6sQK2eq5wp/6Wnt1EWG1xb0pU2nPFuAlULHsGxM+bB -YJOk5WzYST1xdgXW3QxVsIoTuVqA+ehqrzvu+gGCz4uenFt6OAswqR7ii8D/Tpso -RAU0nTEOAVpCxXAMgsdUS6jOjtyfTHixGlVL6U3dY3wTuqWdbxmYX/g00PnOTYF0 -1plvf21NHMeYLk68+1nRbtqoLnPVuQGNBGCVnvEBDAC8zNpSGRHUp+X7hit0bCDP -P8HR+rxH50rOVFtQNyXw32lkIrwnHq0Y7FR4t7OSWTkX1xvxhXMILQdTBxKKrBtF -IpQ44cO1UcklkYdCwE/F0lasLLfleo2NlG7ISwNEOxmJcWiwmkLHN3CnqXpXXqpG -DTRavbuhE7yRewp/jNSCsikrvL7NedB5Ef5EZmSkvx7kXibXKzgKcyft5OlylRMU -JS8gzzTPA+xMH/Cl1zFCSgymJw1DK1wx+u0ye2Oj7NDdrYtRR1qLpCq7kaGIPvIW -556/58sj+/YRGeP5JTjhYFk/K8QQr8cK6HWuJQVASJUP+KBk8CiaqzbOPjlq69eG -Oymraa8H7JvSR5ArJWPczOxQyiEbYABOtJk1ZSz4v4pa7+RLUfwFOYuTMyBoY3rJ -uGhVxA77oHftfjteH1YcKyJXrWnJEA2UbUmyRa5cwZ8S7HXOIvMhCQS897Tzjpab -lfnIKE0n99c2ylJ4y4fHYSXYDKiCPKniFio8CxfqY+cAEQEAAYkBvAQYAQgAJhYh -BOM3lInDm3Jw5w4uMDqvHGQTfO5XBQJglZ7xAhsMBQkDwtTPAAoJEDqvHGQTfO5X -FbAL/0XZJW6XUca9d7f6Ft/0crMILRKID5uuSaLN1jG7BuLTwyWPhi7eSWbZQmlD -Fun/E3vHFj3U/WG13DJL6M89f3707R6rKxT1B17Ht53bO9zHqJ9KesP1G+mR3phk -hnxoQFlFvfSASZbDFtwEm3eZs55UBY4EPYf9MV+qPT0iNu1KPVX427uQfI0Ic/m4 -xFAO2XI11wMunDQoXi7rjknjYWxqVyGgqgRLrBD1Bb/aLenKN9Wn4FajEDaYrgpH -46HHyhAOJ2RZbenWO689rZY6/0qPwDGRL7B2xiktu2G+e5JMJjuRhwEB0g63G8M1 -MVuRGr/PvrBjs58kF47rxWpp2xmo8dqCHjNS3ze9pl6oyshPa1J5zeDTNk3Ujgr9 -IJEzWLDWv9PP9ApcSD15Ia60bxSvsC8FJAZh81JEadLywx0QNBLmnMP3Dxpd21LK -W8cWXa31F6E6eNf/45h7UGxVBRoOdPQ/Kwg4z69V9T/AXOuK65XgtG5ajwlmoQcv -Vx7KIrkCDQRgloMRARAAtRIaNwOpLKA1ogvpzgx8/A8PeXCKvKPZ/ls+8sJ8RSZb -b8lmd+HN52sotj3h9XGZXO1123WLW5F7n/M3HazRBRLlIoUf5kWnuQmXXmUZ6DEC -mq9VoZ30CPHWDEZv/BoScXEHMZNEppziebe2r57SqY9cIONt7B2wzi3sVcYOtDye -c+9BUQoEEv/grSfRN/1Lzezb8Ac9XY0Jet9XK/ImKbGCoxMNzszGQeFO2Neg4hVG -65NIHjTRwzMUOp2D9GV14z/mu2xj5z0mP8zTLw2nzjSW8b0s9ewsvawH45s+XBS8 -ndMU3R+pnHqZBJXU1OR9XjSSMZhaNk+cpOgVwlmbGhNUZ4jSPNVZr/fABpgpY7Bh -ctY42Q3DZVSMwSmiGZA2Uoy7kKx2qtm1Q0ogh6x5mq9QKHODuh+Uc1XhbqxheySv -/jWxvnWhRqaRMBIY+H6vFbXRkQvYjdtwwHZvBRyF5VOsdSUbdLunjyIeKTl2wMqR -hm0y2li+nbTE+zbCcguGPtIMZq6V08M3OZZGxT1jZZocOi3y0qwuApaQvAvk7GpC -mjjbSsq/ykbPUMSQHqAh77YY/9/v2kBh5u21fBPmtPyndAeZTNyukJ2dq8pecVgP -eqT/sSs/Gn56T1cekPEIuUkUxQ4K1sLah1z4G+jg8VqCPIj4yBH6pfd6zBEPx70A -EQEAAYkD8gQYAQgAJhYhBOM3lInDm3Jw5w4uMDqvHGQTfO5XBQJgloMRAhsCBQkH -hh93AkAJEDqvHGQTfO5XwXQgBBkBCAAdFiEExEoeTMpVzDyCCrnkOlA5Ga/6SF8F -AmCWgxEACgkQOlA5Ga/6SF9U+hAAs59FJP2pCQDnrFCrmk38mVePAyPNceSm7IEl -zJWuoxf6XOkz7SP7Vh4mPxyRj3yltEnFN5tLvDOF8W+AwMMMHrK9TnXxnJ2HwCbY -ifLgAGmNrMq+IoagTJDAZvlkp4m3gHe6zDYv9UIbFKdnB48FbwtahNm9LjMbqNDc -nLBt+IuiO/PXUu6c56Wl+L9ntOSVLb1ySnRisI4iYx4J80GcFaMjlJFjQ5uGt0jh -Ardq4zFLYgJfTTl6cM8WTANiKO2a6DgpZxb1knfKOjdasqeQcEs4ZcB6Nf9Bcw/X -Qe2Ee85FA+qClxuIMTT5l6fDw+DXgZfSR0clwA4rMY7hCUvuRxCjc1LDOCbyHe/Z -PUAntlNNKrXEicXxi8Odpzcq0/rDR53OMyzFhGXpbbxa89F/B96H249IW/waefN6 -VKpSb693VOyl8AtQ2tRAvy7YxYyhUQIKKCuahjdoib3GmFNE67rjW9MUVfefIhvp -nBJaY8tp8YhYrDF0U9DMuYrTLcPu5VsR7gvlFY30If1XCavpAnq+eNaxIdTDIKfJ -Q2cgALPBfzogEOeR+RY4Lo46dIGCaEYTpbImcJdum0GVACoMb0T1oOXIHWd1hy46 -ianYKGxMmjfS1f13cr6F1U18l8QKMBZhNTBazw2IdXaugdnbqryEsp20zPQ+caGR -+E1wZmOLMAv+JMPJSK7Ra9cQf6GEos1XurjhaoegPh0Y9U4p1Dk1pQduI7togmJ/ -bhvIpawfi52rI/4I4g1HqjcU8iG6ZjTVE7kVVvDISex71czbmV9isWvW0HJlDgTQ -piZbTCPqvgyEZRF0eIA+VTXOKD/qUwxvw3jo75KEcmW+sezqctREgH02EBPuD5GC -Qyxi7+nNq37FTNYReydCEGEDfJXZ6x12FkW9nPe2fkxx7WT/ceVT2jGtSG4re5vk -wYtnfgKvfHXYmTudoMuVmIsJc9zcdvhL1Nmrd1BOyeJmQCNyvwP48OkU5TqIGHc4 -PcbwniPKO8tozjuwE+iO2TjgwWc/Eg5hLPGYlyqalysP4nOO/KYLBwvgTrPse40N -jg4/3Ew4DKxsrHtCGfhx+i5pXVYwbWklPd7mDmmvxnM5gFEqs0VMMGsjElCzDsmm -v3fSDNozRpd0LXK7J4QGwtOBVivNf7XDQOx5ZXbh/HTQuTG2/8FMCbwUwPYFLx07 -hHHFn9+/wu20 -=bgvm ------END PGP PUBLIC KEY BLOCK----- -``` - -This comprehensive approach to security, including automated builds, careful -selection of third-party libraries, and transparent verification methods, -ensures that users can trust the software they are using while also providing -the tools needed to verify that trust independently. diff --git a/manual/basic-concepts.md b/manual/basic-concepts.md deleted file mode 100644 index 03da79fa..00000000 --- a/manual/basic-concepts.md +++ /dev/null @@ -1,88 +0,0 @@ -# Fundamental Concepts for Beginners - -If you're new to GPG (GNU Privacy Guard) or PGP (Pretty Good Privacy), it's -essential to understand some key concepts before diving in. This knowledge can -help you avoid common pitfalls, such as accidentally sharing your private key, -and ensure your communications remain secure. - -## Key Concepts of GPG/PGP - -### Key Pair Basics - -In the world of GPG/PGP, everything starts with a key pair. Think of a key pair -like a set of two uniquely related keys on a key ring: - -- **Public Key**: This is like your home address that you can share with anyone. - Others will use it to send you encrypted messages or verify your digital - signature. -- **Private Key**: This is akin to the key to your house. It must be kept secret - because it can decrypt the messages sent to you or sign messages from you. - -#### Why Both Keys? - -The magic of this system lies in its use of cryptographic algorithms. Data -encrypted with your public key can only be decrypted by your private key, and -vice versa. This ensures that only the intended recipient can read the message, -and it can verify the sender's identity if a signature is used. - -### Generating Your Key Pair - -Before you can start encrypting or signing anything, you need to generate your -key pair. This process involves choosing a cryptographic algorithm (like RSA or -DSA) and often setting a key size (with larger sizes being more secure but -slower). - -#### Safety First - -When creating your key pair, you'll also be asked to enter a passphrase. This -adds an extra layer of security, as the passphrase will be needed to access your -private key. Choose a strong, memorable passphrase to protect your key. - -### Understanding Subkeys - -A GPG key pair doesn't have to be limited to just one public and one private -key. You can generate subkeys for specific purposes, such as: - -- **Encryption Subkey**: Used solely for encrypting and decrypting messages. -- **Signing Subkey**: Used for creating and verifying digital signatures. - -Subkeys are tied to your primary key pair but can be revoked or replaced -independently, which is useful if a subkey is compromised but your primary key -remains secure. - -### The Role of the Primary Key - -Your primary key pair is the foundation of your GPG identity. All subkeys are -associated with this primary pair. The primary key is typically used for -signing, to establish trust within the network, and to certify subkeys. - -#### Protect Your Primary Key - -If your primary private key is compromised, the entire security of your key ring -is at risk. Therefore, it's crucial to: - -- Keep your primary private key in a secure location. -- Use subkeys for day-to-day encryption and signing tasks. -- Consider using hardware security modules (HSMs) or smart cards to store keys - securely. - -## Best Practices for Beginners - -1. **Backup Your Keys**: Securely backup your private keys (especially the - primary one) in case of hardware failure or loss. -2. **Use Strong Passphrases**: Your key's security is only as good as your - passphrase. Use a long, complex passphrase that is difficult to guess. -3. **Regularly Update Your Keys**: Over time, cryptographic standards evolve. - Regularly review and update your keys and algorithms to ensure they remain - secure. -4. **Learn Key Management**: Practice importing, exporting, revoking, and - verifying keys. Good key management habits are crucial for maintaining your - security over time. -5. **Engage with the Community**: The GPG/PGP community is vast and supportive. - Join forums, read blogs, and participate in discussions to learn from - experienced users. - -By understanding these fundamental concepts and adhering to best practices, -you'll be well on your way to securely using GPG/PGP. Remember, the goal is to -protect your communications and identity in the digital world, and a solid grasp -of these basics is the first step.
\ No newline at end of file diff --git a/manual/basic/dependencies.md b/manual/basic/dependencies.md deleted file mode 100644 index ac3ae52d..00000000 --- a/manual/basic/dependencies.md +++ /dev/null @@ -1,21 +0,0 @@ -# Dependencies and Acknowledgements - -GpgFrontend incorporates various libraries and binaries that come with their -unique licenses. For additional details or to obtain the source code, please -visit their respective homepages: - -- **GnuPG**: [https://gnupg.org](https://gnupg.org) -- **GPGME**: [https://gnupg.org/software/gpgme/index.html](https://gnupg.org/software/gpgme/index.html) -- **Qt (Open Source)**: [https://www.qt.io](https://www.qt.io) -- **MSYS2**: [https://www.msys2.org](https://www.msys2.org) -- **Mingw-w64**: [http://mingw-w64.org/doku.php](http://mingw-w64.org/doku.php) -- **AppImage**: [https://appimage.org](https://appimage.org) -- **macOS Application Bundles**: [Link](https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html#//apple_ref/doc/uid/10000123i-CH101-SW1) -- **libarchive**: [https://www.libarchive.org](https://www.libarchive.org) -- **spdlog**: [https://github.com/gabime/spdlog](https://github.com/gabime/spdlog) -- **mimalloc**: [https://github.com/microsoft/mimalloc](https://github.com/microsoft/mimalloc) -- **Qt-AES**: [https://github.com/bricke/Qt-AES](https://github.com/bricke/Qt-AES) - -The icons utilized in this software are sourced from [Alibaba Iconfont](https://www.iconfont.cn/). -This vector icon library is free of use, isn't registered as a trademark, has no -copyright issues, and can be commercially utilized. diff --git a/manual/basic/encrypt-decrypt-file.md b/manual/basic/encrypt-decrypt-file.md deleted file mode 100644 index 77e66194..00000000 --- a/manual/basic/encrypt-decrypt-file.md +++ /dev/null @@ -1,66 +0,0 @@ -# Encrypt & Sign File - -GpgFrontend offers a fast and convenient method for working with files. The -encryption and decryption process for files is nearly identical to that of text, -with the exception that file operations involve binary input and output. - -## File Extension Introduction - -For ciphertext in ASCII format, the file extension is typically "asc" and these -files can be opened with a text editor. On the other hand, if the ciphertext is -in binary format, the file extension will be "gpg". Binary ciphertext files are -generally smaller than ASCII format. - -Before version 2.0.4, GpgFrontend generated ciphertext files exclusively in -ASCII format. However, beginning with version 2.0.4, GpgFrontend now generates -ciphertext files in binary format by default. This setting can be adjusted in -the program's settings. - - - -## File Browser - -From the top menu's "File" option, you can access the file browser by pressing -Ctrl/Command + B. After choosing target directory at system navigator, you -can then use the file browser tab to do some operations on files. By using the -file browser, you can navigate to your working directory and right-click on the -file you wish to work with. This will open a pop-up menu, where you can select -the operation you want to perform on the file. - - - -Located at the top of the file tab are two control buttons. The button on the -left allows you to navigate up one level in the directory hierarchy, while the -button on the right refreshes the input box on the left with the corresponding -path. - -On the far right of the file tab, there is a button with useful options that you -can select to show system files or hidden files. - - - -### Encrypt & Sign - -GpgFrontend recommends using the encryption and signature functions in this -method, so that the recipient can verify that the ciphertext originates from -you. You can select one or more recipients' public keys as well as your own -private key to complete this operation. - -When the operation is complete, a file with the ".gpg" extension is generated. -This file contains both encrypted content and signed content. - - - -### Decrypt & Verify - -When decrypting this ciphertext, it undergoes verification, which enhances -security. Additionally, you can perform a "Only Verify" operation which verifies -the content without decrypting it. To use this operation, you must select a file -with a ".gpg" or ".asc" extension, which contains the ciphertext and signature -content. - -To encourage users to verify whether the ciphertext is signed or not when -decrypting, Gpg Frontend does not provide a separate decryption operation for -this. - - diff --git a/manual/basic/encrypt-decrypt-text.md b/manual/basic/encrypt-decrypt-text.md deleted file mode 100644 index 14074d07..00000000 --- a/manual/basic/encrypt-decrypt-text.md +++ /dev/null @@ -1,144 +0,0 @@ -# Encrypt & Decrypt Text - -The processes of encryption and decryption are fundamental to ensuring the -privacy and security of digital communications. GpgFrontend, a graphical -interface for GnuPG, simplifies these operations, making it accessible for users -to securely encrypt and decrypt text. Before diving into the specifics of how -GpgFrontend facilitates these operations, it's essential to understand the -underlying concepts and the prerequisites for encryption and decryption. - -Encryption is the process of converting plain text into a scrambled format known -as ciphertext, which is unreadable to anyone except those who possess the -correct key to decrypt it. This transformation is done using an encryption -algorithm and a key. In the context of GpgFrontend and most modern encryption -practices, this key is the recipient's public key. A public key is part of a key -pair that includes a private key; together, they are used in asymmetric -encryption, a cornerstone of modern cryptography. - -To initiate encryption with GpgFrontend, the sender must first have access to -the recipient's public key. This key is used to encrypt the message, ensuring -that only the recipient, who holds the corresponding private key, can decrypt -and read the message. The public key can encrypt messages, but cannot decrypt -them. This is a crucial aspect of asymmetric cryptography: it allows anyone to -send encrypted messages to the key owner without being able to decrypt messages -encrypted with that same public key. - -Generating a key pair is the first step in being able to engage in these secure -communications. This process usually involves choosing a key type and size, with -larger keys offering higher security. Once generated, the key pair consists of a -private key, which must be kept secure and confidential, and a public key, which -can be shared with anyone who wishes to send you encrypted messages. - -Decrypting a message with GpgFrontend requires the private key corresponding to -the public key used for encryption. Upon receiving an encrypted message, the -recipient uses their private key with GpgFrontend to decrypt the ciphertext back -into readable plain text. This decryption process is secure because the private -key is never shared, and it is computationally infeasible for an attacker to -derive the private key from the public key or the encrypted message. - -GpgFrontend streamlines these operations, providing a user-friendly interface -that abstracts the complexities of cryptographic operations. Users can easily -import public keys, encrypt messages or files for specific recipients, and -decrypt incoming messages or files using their private keys. This makes -GpgFrontend an invaluable tool for anyone needing to secure their digital -communications, from sensitive personal correspondence to confidential business -communications. - -In summary, encryption and decryption with GpgFrontend rely on the foundational -principles of asymmetric cryptography, where a public key is used for -encryption, and a corresponding private key is used for decryption. Before -engaging in these operations, users must generate a key pair and share their -public key with those from whom they wish to receive encrypted messages. This -setup ensures that only intended recipients can read the contents of encrypted -communications, providing a robust framework for privacy and security in the -digital age. - -## Encrypt - -The Encrypt operation itself uses a public key and does not require a private -key. Remember that whoever you want to send it to encrypts it with whose public -key. For people who don't use gpg very often, they often get confused and use -their own keys to encrypt ciphertext. - -### Only Encrypt - -In this case, you only encrypt the ciphertext, which results in a shorter -ciphertext. This is because the ciphertext does not contain additional signature -information that identifies the encryptor. If you do not want the recipient to -know your identity, use this method to generate your ciphertexts. - -After the encryption operation, no additional information will be displayed in -the information board except for a prompt indicating whether the operation was -successful. - - - -### Encrypt Sign - -To encrypt and sign text, you need to first prepare the plaintext and have a -public key that can perform encryption operations. The public key used for -encryption should belong to the intended recipient, not yourself. It is -important to verify that the recipient's public key has cryptographic -capabilities for encryption before proceeding. - -If you want the recipient to know that the ciphertext is from you, you can also -choose to sign the text while encrypting it. This ensures that the decrypted -text is credible and comes from your hand. This method is commonly used when -both parties need to ensure the authenticity of the decrypted text, and -typically in scenarios where both parties know each other. - -To encrypt and sign at the same time, select the public key(s) you need to use -for encryption, and during the encryption process, select the private key you -need to use for signing. This private key should belong to you and should have -the capability for signature operations. You can verify this by checking the -usage column in the key toolbox on the right (letter S stands for signature). - -The ciphertext generated by this operation is longer than ciphertext generated -by only encryption because of the additional signature information attached to -it. After the operation is complete, information about the cryptographic and -signature operations will be displayed in the Infomation Board, including -information about the signature pattern and algorithm used. - -To verify the authenticity of the ciphertext before decryption, you can use the -validate operation. Once the ciphertext is verified, you can proceed with -decryption using your private key. - - - -## Decrypt - -When decrypting the ciphertext, you can simply paste the obtained ciphertext -into GpgFrontend, and it will automatically select the appropriate private key -for decryption. It is important to note that decryption must be performed with -the private key associated with the public key used for encryption. - - - -When decrypting a ciphertext, it is not necessary to check the usage column in -the key toolbox to determine if the key is valid for decryption. Instead, you -need to use a valid private key that corresponds to the public key used for -encryption. You can identify whether a key is a public key or a private key by -checking the type column in the key toolbox. If all your local keys are not -valid for decryption of the ciphertext, the program will display a decryption -failure message. - -## Decrypt Verify - -During decryption with verification, gpg will check the signature attached to -the ciphertext to ensure its authenticity. This provides an additional layer of -security and helps to prevent tampering with the encrypted message. - -To perform decryption with verification, you need to select a file with a ".gpg" -or ".asc" extension, which contains the ciphertext and signature content. If the -signature is valid, gpg will decrypt the message and display it in plain text. -Otherwise, it will display an error message indicating that the signature is not -valid. - -It is important to note that whether a key pair can be used for verification -will not be displayed in the usage column. Instead, you need to remember that a -valid public key can be used for verification. Therefore, it is a good habit to -always verify the signature during decryption, regardless of whether the -encryptor has signed in advance. This helps to ensure the authenticity and -integrity of the decrypted message. - - diff --git a/manual/basic/generate-key.md b/manual/basic/generate-key.md deleted file mode 100644 index 29d52ca5..00000000 --- a/manual/basic/generate-key.md +++ /dev/null @@ -1,203 +0,0 @@ -# Generate Key Pair & Subkey - -Sure, let's go through the process of generating a key pair and subkeys. - -To generate a key pair using GpgFrontend, follow these steps: - -1. Open GpgFrontend and click on the "Generate Key" button. -2. Fill in the required information, such as your name and email address. -3. Choose the type of key you want to generate (RSA, DSA or ECC). -4. Set the key size and expiration date, if desired. -5. Create a passphrase to protect your private key. -6. Click "Generate" to create your key pair. - -Once your key pair is generated, you can add subkeys to it by following these -steps: - -1. Select the key pair you want to add a subkey to. -2. Click on the "Add Subkey" button. -3. Choose the type of subkey you want to add (encryption, signing, - authentication, or all). -4. Set the subkey size and expiration date, if desired. -5. Create a passphrase to protect your subkey. -6. Click "Add" to create your subkey. - -You can add multiple subkeys to a key pair, each with their own specific -purposes. This allows you to have more control over your key pair's security and -usage. - -## Generate Key Pair - -You can quickly understand the process of generating a key pair by watching the -following animation. - - - -### Name & Email & Comment - -The three fields, including name, email, and comment, are used to help users -differentiate this key pair from other key pairs they may have. Among these -three options, name and email are mandatory, while comment is optional. - -It is important to note that the name should be at least 5 characters long, and -the email should follow the correct format (no actual email account is -required). - - - -### Expiration Date - -Setting an expiration date for the key pair is a way to limit the validity of -the key over time. Once the expiration date is reached, the key can still be -used, but its operations, especially signature operations, will be considered -invalid. By default, GpgFrontend suggests setting the expiration date to two -years after generation, but you can also choose to check the "Never expire" -checkbox to make the key pair permanent. - -It's important to note that this option can be changed at any time after -generation, even after the expiration date has passed, as long as the primary -key still exists. - - - -### Key Size & Algo - -Setting an expiration date for the key pair is a way to limit the validity of -the key over time. Once the expiration date is reached, the key can still be -used, but its operations, especially signature operations, will be considered -invalid. By default, GpgFrontend suggests setting the expiration date to two -years after generation, but you can also choose to check the "Never expire" -checkbox to make the key pair permanent. - -It's important to note that this option can be changed at any time after -generation, even after the expiration date has passed, as long as the primary -key still exists. - - - -### Passphrase - -Setting a password to protect the primary key is crucial in case of a security -breach. If the "Do not set password" checkbox is unchecked, you will be prompted -to enter a password during the key pair generation process. Follow the prompts -to set the password. Once the password is set, whenever you need to use the -primary key for an operation, you will need to enter the password to unlock it -(some systems have a password manager to automate this process). - -However, you can also check the "Do not set password" checkbox to skip setting a -protection password for the primary key. But this is not recommended due to -security concerns. - -### Usage - -When generating a key pair, you can specify the usage for the first subkey, -which is the primary key. There are four options: - - - -- Encryption: Once generated, this key can be used for encryption purposes. - -- Signing: Once generated, this key can be used for signature purposes. - -- Certification: This key can be used to certify or verify other keys. Only the - primary key can have this usage. - -- Authentication: This key can be used for authentication purposes, such as with - SSH keys. - -The third of these four uses (authentication purposes) can only be owned by the -primary key. In addition, some usages are not available when using certain -algorithms for encryption. For example, when the DSA algorithm is selected, the -encryption uses are disabled. - -## Generate Subkey - -It is possible to append subkeys to an existing key pair. The subkey does not -require the input of a name, email, or comment, as the remaining steps are -essentially identical to those for generating a key pair. - - - -### Extra note - -Below are some guidelines that may prove useful in comprehending the -aforementioned concepts and utilizing this tool accurately. - -#### Understanding Primary Keys and Subkeys - -In the realm of cryptography, key management plays a crucial role in ensuring -data security. A key pair consists of a primary key and one or more subkeys, -each serving distinct functions yet working together to secure and manage -digital identities and communications. This structure not only enhances security -but also provides flexibility in key usage and management. - -#### The Role of Primary Key and Subkeys - -- **Primary Key**: The primary key is the cornerstone of your cryptographic - identity. It is used for identity verification, which includes signing other - keys to establish trust. The primary key's signature on a subkey validates the - subkey's association with the identity of the primary key holder. - -- **Subkeys**: Subkeys are associated with the primary key and are used for - encryption and signing documents or messages. Subkeys can be thought of as - extensions of the primary key, each designated for specific tasks. This - separation of duties allows for greater security and operational flexibility. - For example, you can have separate subkeys for signing and encryption. - -#### Advantages of Using Subkeys - -1. **Enhanced Security**: By using subkeys for day-to-day operations, you - minimize the risk associated with key exposure. If a subkey is compromised, - it can be revoked without affecting the primary key or other subkeys, thereby - limiting the potential damage. - -2. **Operational Flexibility**: Subkeys allow for specific roles (e.g., signing, - encryption) to be isolated. This means you can renew or revoke subkeys as - needed without disrupting the overall cryptographic setup. - -3. **Convenient Key Rotation**: Regularly updating keys is a best practice in - cryptography. Subkeys make it easier to rotate keys for signing and - encryption without needing to re-establish the primary key's trust - relationships. - -#### Managing Primary Keys and Subkeys - -- **Secure Storage**: The primary key should be stored in a highly secure - location, preferably offline or in a hardware security module (HSM), to - prevent unauthorized access. This is because the loss or compromise of the - primary key jeopardizes the entire cryptographic framework. - -- **Key Generation and Maintenance**: While tools like GpgFrontend provide - user-friendly interfaces for managing keys, they may lack support for advanced - operations like generating multiple subkeys. Therefore, using the command-line - `gpg` tool for such tasks is advisable. Despite this limitation, GpgFrontend - can play a critical role in monitoring the presence of the primary key, which - is essential for certain operations like adding subkeys or signing other keys. - -- **Revocation and Renewal**: Prepare revocation certificates for your primary - key and subkeys in advance. In case of key compromise or expiration, these - certificates allow you to invalidate the keys, informing others in your trust - network not to use them anymore. - -#### Practical Tips for Effective Key Management - -- **Purpose-Specific Subkeys**: If your primary key was not generated with - certain capabilities (e.g., encryption), you can create a subkey with the - required functionality. This allows the key pair to be used for the intended - cryptographic operations without regenerating the primary key. - -- **Multiple Subkeys for Different Devices**: For users operating across - multiple devices, generating separate subkeys for each device can enhance - security. If one device is compromised, only the subkey on that device needs - to be revoked, leaving the others unaffected. - -- **Backup and Recovery**: Regularly back up your key pair, including the - primary key and all subkeys. Secure backups ensure that you can recover your - cryptographic capabilities even in the event of hardware failure or data loss. - -In summary, understanding and implementing a robust key management strategy, -with a clear distinction between primary keys and subkeys, is essential for -maintaining the integrity and security of cryptographic operations. By adhering -to best practices for key usage, storage, and renewal, users can safeguard their -digital identities and ensure the confidentiality and authenticity of their -communications. diff --git a/manual/basic/import-export-key-pair.md b/manual/basic/import-export-key-pair.md deleted file mode 100644 index d98dc23e..00000000 --- a/manual/basic/import-export-key-pair.md +++ /dev/null @@ -1,113 +0,0 @@ -# Import & Export Key Pair - -GpgFrontend provides various methods for importing or exporting key pairs, some -of which are outlined below. Please refer to the guide for more information. - -## Import Key Pair - -To access the import options, navigate to the toolbar and select the desired -method based on your specific requirements. Additionally, you can access -additional options by selecting the action menu in the key management section. - - - -In fact, you can find the action menu in the key management section, which -provides access to additional key management options beyond those available in -the toolbar. - - - -### File - -This option allows you to select a public or private key file in text format -with any extension to import. - -### Editor - -You can paste the contents of a key file onto a blank text label page and -GpgFrontend will automatically recognize and import the corresponding key. - -### Clipboard - -You can copy the contents of a key to your system clipboard and then select this -option to import the corresponding key. - -### Key server - -This feature enables users to search for and import public keys from a key -server. Users must first enter the email or ID associated with the desired key -and select the appropriate key server. Upon clicking the search button, a list -of public keys that can be imported from the server will be displayed. Users can -choose to import multiple keys together or double-click on a specific table row -to import a corresponding public key. It is important to note that when using -this method, only public keys can be imported. - -A detailed description of this part can be found -[Here](./key-server-operations.md). - -### Dropdown on Key Toolbox - -You can drag the key file directly to the key toolbox, and then follow the -prompts of GpgFrontend to import the key. - -## Export Key Pair - -When deriving the public key of a key pair using the private key, you can derive -either the public key or the private key or both of all the keys present in the -key pair. However, if there are numerous keys in the key pair, the exported data -can be lengthy. Multiple export methods are available, which are similar to the -import process. - -In Gpg Frontend, the exported data is encoded in ASCII to ensure compatibility -between computers. - -### Export Public Key - -You can find this operation in many places. The following will introduce them -one by one. - -#### Append Public Key to Editor - -To append a public key to the editor in GpgFrontend, right-click on a row in the -key toolbox and select "Append Select Key(s) to Editor" from the pop-up menu. -This will add the public key of the selected key to the end of the text label -page. You can then copy the content to any location as needed. - -#### Export on the Key Pair at Operations Tab - -To export a public key using the Key Pair at Operations Tab, follow the steps -shown in the screenshot below. This will save the data to a file. Before -proceeding, please make sure to choose a suitable directory to store the file -containing the public key data. - - - -### Export multiple public keys at once - -To export public key data for multiple key pairs at once, select the desired key -pairs on the key management interface and click on the "Export to Clipboard" -option. This will copy the data to your system clipboard, which you can then -paste into any application or file. - - - -### Export Private Key - -Private key options are available in various locations on the detail page that -contains the private key (either the primary key or subkey). From there, you can -select a destination and GpgFrontend will export the corresponding private key -content to that location. - - - -Exporting the private key also exports both the public key and private key data, -as the private key data alone is meaningless without the corresponding public -key. Thus, the private key content is typically bundled with the public key -content during export. However, it's essential to note that the private key file -should never be disclosed to others. If leaked, it could compromise the security -of all ciphertexts encrypted by the key. - -You can export the private key data in your key pair in two ways. - -1. Full export: Include all key data and UID and UID signature in the key pair. -2. Minimal export: Only all key data in the key pair is included. diff --git a/manual/basic/key-server-operations.md b/manual/basic/key-server-operations.md deleted file mode 100644 index ed4cf409..00000000 --- a/manual/basic/key-server-operations.md +++ /dev/null @@ -1,164 +0,0 @@ -# Key Server Operations - -Key servers play a pivotal role in the ecosystem of encrypted communication, -serving as a centralized repository for public key information. These servers -enable individuals to share and retrieve public keys necessary for encrypted -messaging, even when direct exchange is not feasible. Key servers are -particularly useful in scenarios where secure communication needs to be -established without prior direct contact, or when a user's public key needs to -be widely distributed or updated due to security concerns. - -When you wish to send an encrypted message but lack the recipient's public key, -key servers offer a solution by allowing you to search for and retrieve the -public key associated with the recipient's email address or key ID. This process -facilitates the encryption of messages in a way that ensures only the intended -recipient, who possesses the corresponding private key, can decrypt and read the -message. - -Moreover, key servers are integral to maintaining the integrity and -trustworthiness of the public key infrastructure. If a user's private key is -compromised, it is crucial to inform others not to use the associated public key -for encrypting messages anymore. By uploading a new public key to a key server -and marking the old one as obsolete or compromised, users can mitigate the risks -associated with the exposure of their private key. - -The functionality of key servers is enhanced by software tools such as -GpgFrontend, which simplifies the process of managing public keys. With -GpgFrontend, users can effortlessly upload their public key to key servers, -search for other users' public keys using an email address or key ID, and import -these keys for use in encrypted communication. The software's user-friendly -interface enables these operations to be performed with just a few mouse clicks, -making encrypted communication more accessible to a broader audience. - -It is important to note that once public key information is uploaded to a key -server, it is propagated across a network of key servers worldwide, making it -available to anyone who searches for it. This wide distribution ensures that -encrypted communication can be established easily across different platforms and -geographical locations. However, users should be aware that public keys uploaded -to key servers cannot be deleted, emphasizing the importance of careful key -management. In situations where a key needs to be updated, such as when adding a -subkey to a key pair, the new key information can overwrite the old one on the -server, thus maintaining the security and relevance of the key information -available to the public. - -In summary, key servers are essential for the secure and efficient exchange of -encrypted messages, offering a reliable method for sharing and retrieving public -keys. They support the integrity of secure communications by facilitating the -widespread distribution of public keys and enabling users to update or replace -keys when necessary. - -## Import Public Key From Key Server - -In the main page or in the key manager's Import key operation mode, there is a -key server option. After selecting this option you can see such an interface. - - - -You can get a list of public keys associated with a key server by searching for -Key ID, fingerprint or email address via the search box. If there is a suitable -public key in the list, you can import it by double-clicking it. - - - -When the import is complete, you can check whether the public key is actually -imported through the pop-up window (no need to import when the local public key -is newer), and you can also check some brief information about the public key. - - - -It is important to note that the public key you import may have expired or been -revoked. You can check the status of the key by navigating to the category tab -in the key management interface. In addition to the search box, you may also -notice a drop-down box that allows you to choose which key server to retrieve -the public key information from. To modify or add to this list of candidate -servers, please refer to the last section of this document: Key server related -settings. - -## Export My Public Key To The Key Server - -If the current key pair has a master key, you have the option to publish the -public key information to a key server. It is important to note that in order to -avoid confusion, GpgFrontend requires the presence of a master key for this -action to be performed. This ensures that users are aware of what they are doing -and the function being performed. - -### How To Use - -You can find the entry of this operation through the operation tab of the key -pair detail interface, as shown in the following figure. - - - -Perform the operation by clicking Upload key pair to key server. Note that the -naming of operations here is a bit confusing, but this is where your public key -information (not your private key) will be uploaded. - -### Synchronize public key information from a key server - -Sometimes, before you perform an encryption operation, you want to know if the -public key you are using is still valid. At this point, you can get the latest -information about the key from the key server (if the public key server has -one). - -As above, you can find this action in the Actions tab of the key pair details -screen, as shown in the image below. - -GpgFrontend will upload the public key information to the default key server -you set. The private key information is not uploaded and should not be manually -uploaded anywhere by the user. - -Refer to the last section of this document on how to set the default key server. - - - -The "Synchronize key pair with key server" function allows for automatic -retrieval of public key information from the key server, which is then compared -with the local key information. After the operation is completed, a pop-up -window will appear indicating whether the key has actually been updated. It -should be noted that this operation is not possible if the private key exists -locally. This is because, in such a case, you already have the key pair and -should publish the latest information for the key pair instead of accepting -outdated information from the key server. - -### Extra Information - -GpgFrontend automatically communicates with the default key server that you have -set to obtain the necessary information. You can refer to the last section of -this document to learn how to set the default key server. - -## Sync ALL Public Key - -This is an advanced function provided by GpgFrontend, it can synchronize all -your local public key information at one time, if you want to know, please read -[this document](../features/sync-all-public-keys.md). - -## Key Server Related Settings - -If you want to set a list of key servers or a default key server, you can do so -by accessing the Settings interface and navigating to the Key Servers tab. Here, -you will find options for managing your key server candidate list and -determining which key server is set as the default. - - - -To add a candidate key server to the list, simply enter the http or https -address of the key server you wish to add into the input box and click "Add". It -is strongly recommended that users use the https protocol to prevent -man-in-the-middle attacks. If you wish to delete a candidate key server, simply -right-click on the corresponding row in the table and select "Delete" from the -pop-up menu. To edit an existing candidate key server address, double-click on -the address in the table and edit it. - -To test the network connectivity of the servers in the key server candidate -list, click the "Test" button located at the bottom of the Key Servers tab. -However, note that the test only determines if the keyserver is reachable, not -whether the address is a valid keyserver. - -### Set Default Key Server - -To set a candidate key server as your default key server, you can follow these -steps. First, locate the candidate key server you want to set as the default in -the table. Then, right-click the row of the corresponding key server, and click -"Set as Default" in the pop-up menu. Once set, you can verify whether a -candidate key server is the default key server by checking the first column of -the table. diff --git a/manual/basic/sign-verify-file.md b/manual/basic/sign-verify-file.md deleted file mode 100755 index 91d10093..00000000 --- a/manual/basic/sign-verify-file.md +++ /dev/null @@ -1,101 +0,0 @@ -# Signing & Verifying Files - -GpgFrontend extends its utility from handling text-based operations to -facilitating file operations with ease and security. The principle behind -signing and verifying files mirrors that of text, leveraging the robust -framework of digital signatures. However, a significant distinction lies in the -nature of the input and output for file operations, which can be binary, -accommodating a wider range of file types beyond simple text documents. - -When signing a file using GpgFrontend, the software utilizes the private key of -the user to create a digital signature. This process begins by computing a hash -of the file's contents, regardless of whether the file is a document, image, -executable, or any other binary format. This hash serves as a compact -representation of the file's data. Subsequently, the hash is encrypted with the -user's private key, producing a digital signature unique to both the file and -the key used. The resulting signature can either be attached to the file or -stored separately, depending on the user's preference and the requirements of -the application. - -Verifying a signed file with GpgFrontend involves the corresponding public key -of the private key that was used for signing. The verification process decrypts -the digital signature using this public key to extract the original hash value -that was generated during the signing. Simultaneously, the software computes a -new hash from the file that is purported to be authentic. By comparing these two -hash values, GpgFrontend can determine if the file has been altered after it was -signed. If the hashes match, it confirms the file's integrity and authenticity, -assuring the recipient of its untampered state and the signer's identity. - -This binary capability of file operations in GpgFrontend not only broadens the -scope of digital signatures to encompass a variety of file types but also -ensures that the integrity and authenticity verification process is not limited -to text-based data. It provides a critical layer of security in digital -communications, where files of all kinds are shared and exchanged with the -expectation of privacy and trust. - -The application of digital signatures to files through tools like GpgFrontend is -especially relevant in scenarios where the authenticity of the file source and -the integrity of its contents are paramount. This includes software -distribution, where verifying the source and integrity of software packages is -crucial to prevent malware distribution; document sharing in legal and financial -contexts, where tampering could have serious implications; and multimedia -content distribution, where copyright and ownership are significant concerns. - -In summary, GpgFrontend's support for signing and verifying files elevates the -security of digital file exchanges by applying the principles of cryptography in -a user-friendly manner. By accommodating binary file operations, it ensures that -digital signatures are accessible and applicable across a broad spectrum of file -types, reinforcing the pillars of trust and security in digital communications. - -## Introduction to File Extensions - -For ASCII-formatted ciphertext, the filename suffix is usually "asc", and these -files can be opened directly with a text editor. However, if the ciphertext is -binary, its file extension will be "sig" or "gpg". Typically, binary ciphertext -files are smaller than ASCII-formatted ones. - -Prior to v2.0.4, the ciphertext files generated by GpgFrontend were all in ASCII -format. But starting with v2.0.4, GpgFrontend defaults to generating -binary-formatted ciphertext files. You can modify this setting in the settings. - - - -## File Browser - -You can open the file browser (Ctrl/Command + B) via the top menu file option. -After selecting a target directory at system navigator, you can get a new File -browser tab. Using the file browser, navigate to your working directory. Then, -right-click the file you wish to operate on, and select the desired operation -from the pop-up menu. - - - -Two control buttons are located at the top of the file tab. The one on the left -allows you to go up a level, and the one on the right enables you to enter or -refresh the corresponding path in the input box on the left. - -On the far right is a button offering useful options, such as displaying system -files or hidden files. - - - -### Sign - -Through the right-click menu, you can rapidly sign a file. This operation will -generate a file with a "sig" or "asc" suffix, which contains the signature -content. In this scenario, you need to pass both this file and the original file -to the other party to allow them to verify it. - - - -### Verify - -This operation requires you to select a file with a "gpg" suffix (this may be -invalid for binary file ciphertext) or a file with a "sig" suffix for -verification. - -When selecting a file with the "sig" suffix, ensure that the source file is also -present in this directory. This implies that the source file's name is simply -missing a "sig" suffix. - - diff --git a/manual/basic/sign-verify-text.md b/manual/basic/sign-verify-text.md deleted file mode 100644 index 594942d1..00000000 --- a/manual/basic/sign-verify-text.md +++ /dev/null @@ -1,102 +0,0 @@ -# Signing & Verifying Text - -Digital signatures, much like their analog counterparts, serve as a method for -asserting the authenticity and integrity of a digital document or message. -However, unlike traditional signatures, digital signatures offer a much higher -level of security, making it possible to ascertain not only the identity of the -signer but also whether the content has been tampered with since it was signed. - -The foundation of digital signing and verification lies in the field of public -key cryptography, a cornerstone of modern secure communication. This system -relies on two keys: a private key, which is kept secret by the owner, and a -public key, which can be shared with anyone. To sign a document, the signer uses -their private key to generate a digital signature on the document. This -signature is unique to both the document and the private key, ensuring that any -changes made to the document after it has been signed can be detected. - -Verification, on the other hand, requires the corresponding public key. When a -document is received along with its digital signature, the recipient can use the -signer's public key to verify the signature. This process checks that the -signature matches the document and was created with the private key -corresponding to the public key. If the document has been altered after signing, -the verification will fail, alerting the recipient to the tampering. - -One of the advantages of digital signatures is the ability to use multiple -private keys for signing a document, similar to having a document signed by -multiple parties. Each signer uses their private key to sign the document, and -each signature can be independently verified with the corresponding public key. -This method is particularly useful in scenarios requiring the approval or -authorization of multiple entities. - -Digital signatures are a critical component of secure communications, providing -assurances of authenticity, integrity, and non-repudiation. Non-repudiation -means that a signer cannot later deny the authenticity of the signature on a -document they signed. This is especially important in legal, financial, and -sensitive communications, where trust and authenticity are paramount. - -Tools like GpgFrontend facilitate the process of creating and verifying digital -signatures in a user-friendly manner. GpgFrontend is built on top of the OpenPGP -standard, which is a widely accepted protocol for encryption and digital -signatures. The tool allows users to easily manage their encryption keys, sign -documents, and verify the signatures of received documents, thereby enhancing -the security and trustworthiness of digital communications. - -In summary, digital signing and verification through tools like GpgFrontend -leverage public key cryptography to ensure the security and integrity of digital -communications. By enabling users to sign documents with their private keys and -allowing others to verify those signatures with corresponding public keys, -digital signatures provide a robust mechanism for authenticating the origin and -integrity of digital documents, far surpassing the capabilities of traditional -handwritten signatures. - -## Signature Only - -By signing the text, you establish that you are the sole and unalterable -authority for this text. You can simply sign the text without encrypting it as -follows: - - - -To check whether a key can be used for signing, please review the 'Usage' column -in the key toolbox on the right (the letter 'S' stands for signature). - -## Signature with Encryption - -You also have the option to sign and encrypt at the same time by choosing a -public key for encryption and your private key for signing. This is a common -practice where you select two key pairs: one belonging to someone else for -encryption, and your private key for signing. If you don't select a key for -signing, only encryption is possible, but you will receive a warning. It's worth -noting that combining signing with encryption provides an additional layer of -security as it assures the recipient that the message hasn't been altered and it -came from the sender whose identity is verified by the digital signature. - - - -## Verification - -Once you have a plaintext and its corresponding signature, you can verify the -signature using the signer's public key. However, this type of signature isn't -suitable for emails as it can make the email less readable. - - - -To verify a signature with text, you need to have the corresponding public key -for all included signatures. If a suitable public key for a signature isn't -found locally during verification, GpgFrontend will prompt you to import it. - - - -## Verification with Decryption - -When decrypting a ciphertext, it's advised to verify it simultaneously, -regardless of whether the encryptor signed it or not. It's impossible to -determine from the ciphertext's format if it has been signed. Therefore, it's a -good habit to always perform decryption operations with verification whenever -possible. - - diff --git a/manual/basic/symmetric-encrypt-decrypt.md b/manual/basic/symmetric-encrypt-decrypt.md deleted file mode 100644 index 7436fd02..00000000 --- a/manual/basic/symmetric-encrypt-decrypt.md +++ /dev/null @@ -1,60 +0,0 @@ -# Symmetric Encryption & Decryption of Text & File - -## About Symmetric Encryption & Decryption - -Symmetric encryption, in contrast to asymmetric encryption, uses a single key -for both the encryption of plaintext and the decryption of ciphertext. This -method is characterized by its simplicity and speed, making it a popular choice -for encrypting large volumes of data or for scenarios where the sharing of keys -between the sender and receiver can be securely managed. GpgFrontend provides a -user-friendly interface for implementing symmetric encryption, streamlining the -process for users who may not be familiar with the intricacies of cryptographic -operations. - -The process of symmetric encryption with GpgFrontend begins when a user opts to -encrypt data without selecting a recipient's public key from the Key Toolbox. -This action signals the software to use symmetric encryption for the task at -hand. At this point, the user is prompted to create a password. This password -acts as the encryption key, transforming the plaintext into ciphertext through a -cryptographic algorithm. It's crucial that this password is strong and unique, -as the security of the encrypted data directly depends on the password's -complexity and unpredictability. - -Once the password is established, GpgFrontend proceeds to encrypt the data. The -resulting ciphertext can only be decrypted with the exact password used for its -encryption. This means that anyone who wishes to access the encrypted data must -know the password, highlighting the importance of securely sharing this password -between the sender and receiver. - -Decrypting symmetrically encrypted data with GpgFrontend requires the same -password used during the encryption phase. When the 'Decrypt' function is -initiated, the software prompts the user to enter the password. Upon successful -authentication with the correct password, the software decrypts the ciphertext -back into readable plaintext. This decryption process, like encryption, is -straightforward and efficient, but the security of the data relies entirely on -the password's confidentiality. - -Symmetric encryption is particularly useful in scenarios where encrypted data -needs to be stored securely or transmitted over a secure channel, and where the -overhead of managing public and private keys is not desirable. However, the -challenge of securely exchanging the password between the sender and receiver -cannot be understated. If this password is intercepted or guessed by an -unauthorized party, the encrypted data's security is compromised. - -In summary, GpgFrontend's support for symmetric encryption provides a powerful -tool for users needing to secure their data with a password. This method is -distinguished by its reliance on a single password for both encryption and -decryption, offering a balance between simplicity and security. Users must -exercise caution in creating a strong password and ensure its secure exchange to -maintain the confidentiality and integrity of their encrypted data. Symmetric -encryption with GpgFrontend is a testament to the versatility of cryptographic -practices, catering to a wide range of security needs with user-friendly -solutions. - -## How to use it? - -Symmetric encryption is initiated when you click the 'Encrypt' button without -selecting any key in the Key Toolbox. For this type of encryption, a password -must be established for the encryption process. Subsequently, to decrypt the -data, you will need to provide the same password that was used during the -encryption phase. diff --git a/manual/basic/system-requirement.md b/manual/basic/system-requirement.md deleted file mode 100644 index ec90e15c..00000000 --- a/manual/basic/system-requirement.md +++ /dev/null @@ -1,70 +0,0 @@ -# System Requirement - -Before proceeding with the installation and usage of GpgFrontend, it's crucial -to understand the system requirements that ensure optimal performance. This -section provides comprehensive details about the necessary software -dependencies, hardware specifications, and the compatible operating systems. -Meeting these requirements will ensure a smooth, efficient experience while -using GpgFrontend. - -Please read the following subsections carefully to confirm that your system -aligns with the recommended configurations. - -## Hardware - -While the specific hardware requirements largely depend on the size and -complexity of the data you're working with, we generally recommend: - -A computer with at least 1 GB of RAM. However, 2 GB or more is preferable for -smoother performance. The majority of these resources are allocated to your -operating system, but around 100Â MB of memory is needed to ensure the smooth -running of GpgFrontend. At least 200 MB of free disk space for software -installation. Additional space will be needed for ongoing work. - -Please note, these requirements are intended to be guidelines rather than strict -rules. It's possible that GpgFrontend will work on lower-spec hardware, but for -optimal performance, the above specifications are recommended. - -## Operating System - -GpgFrontend is compatible with major operating systems including Linux, macOS, -and Windows. Specifically, it recommends Windows 7 and later, macOS 11 and -later, and Ubuntu 20.04 LTS or other equivalent Linux distributions. - -## Software - -To ensure GpgFrontend functions seamlessly, it relies on the following software -dependencies: - -- **Qt Framework:** GpgFrontend is developed using the Qt framework to offer a - rich user experience and cross-platform compatibility. The application - includes: - - - **Qt6:** The primary build utilizes Qt6, ensuring a modern interface and - robust performance. Qt6 is included in the release packages for Linux, - macOS, and Windows, offering straightforward setup without additional - installations. - - **Qt5 Support for Windows:** Recognizing the need to accommodate users on - older versions of Windows, GpgFrontend also provides a Qt5-based version. - This variant ensures compatibility with earlier Windows environments, - extending the tool's accessibility and usability. - -- **GnuPG 2.2.0 or Higher:** GpgFrontend integrates with GnuPG for its - cryptographic operations, including encryption, decryption, and digital - signing. GnuPG (version 2.2.0 or newer) is a necessary component to leverage - the full capabilities of GpgFrontend. Please note, GnuPG 1.x versions are not - supported by GpgFrontend due to differences in functionality and support. - Users are encouraged to use GnuPG 2.x to ensure compatibility and secure - operations. - -By catering to a wide range of operating systems and ensuring backward -compatibility with older Windows versions through Qt5 support, GpgFrontend -strives to be as inclusive and accessible as possible. - -## Network - -Although not necessary for basic operation, an active Internet connection may be -required for software updates and accessing online help resources. - -Please note that these are the minimal requirements that we tested, and actual -requirements for your use case could be higher, especially for large datasets. diff --git a/manual/basic/understand-interface.md b/manual/basic/understand-interface.md deleted file mode 100644 index 75ca7ecb..00000000 --- a/manual/basic/understand-interface.md +++ /dev/null @@ -1,176 +0,0 @@ -# Interface Understanding - -As a beginner, you're only required to swiftly comprehend a few crucial sections -of the page. The exploration that follows will gradually unveil additional -functionalities. Bear in mind that interfaces may vary across different -versions. - - - -## Text Editor - -The text editing zone allows you the liberty to input any desired text or -establish a new tab through the "New" choice in the file menu at the top. Moving -or closing tabs can be done with ease as per your needs. - -Numerous operations can be performed on your text using options available in the -Operations Bar. Alternatively, you may utilize standard shortcuts like -Ctrl+C/V/S for copy, paste, and save operations, or even searching within the -text. - -The edited text within the text box is encoded in UTF8 without any formatting. -This plain text format ensures that no message alteration leads to confusion. -While we have plans to introduce rich text editing in the future, the specifics -are still being deliberated. - -### Large Text File Support - -GpgFrontend accommodates opening larger files without hindrance. However, when -dealing with relatively large files, editing of the tab won't be feasible until -the entire file is loaded. During this time, despite not being able to edit the -file, you still have the capability to view it. - -## Information Board - -GpgFrontend presents the outcome of the current tab page operation on the -Information Board, signifying the success or failure of the operation. -Additionally, the Information Board's text includes supplementary details to -assist in understanding the particulars of your encryption, decryption, -signature, and other operations. Depending on your language settings, the output -displayed on the dashboard may differ. - -The Information Board was conceived to provide a comprehensive view of more -information within the same space. However, GpgFrontend plans to incorporate a -graphical interface in the future to augment the user's comprehension of this -information. - -### Color Coding - -- **Green**: Indicates a successful operation that has been thoroughly verified - and found devoid of any issues. The appearance of green font color signifies - an all-clear. -- **Yellow**: Denotes a successful operation with some potential issues detected - during result testing. The yellow font color serves as a subtle alert for the - user, necessitating a detailed review of the operation. -- **Red**: Symbolizes an unsuccessful operation or a significant discrepancy in - the operation's outcome. The red font color acts as a clear warning, demanding - the user to meticulously inspect the operation's specifics to ensure security. - -### Customizable Font Size - -Should you find the font size on the information board to be diminutive, you can -easily adjust it under the 'Application' section in the settings. The default -font size is 10, and it can be modified to any value ranging from 9 to 18. - -### Dashboard Actions Menu - -The dashboard actions menu facilitates quick and easy access to common -functionalities related to the content of the information board. It empowers -users to efficiently manage and process large chunks of content on the -Information Board for various purposes. - -#### Copy - -This function allows users to swiftly capture significant portions of content -from the Information Board for other applications. - -#### Save File - -This operation archives the contents of the information board into the file -system, utilizing the UTF-8 format. Although the resultant output file lacks a -suffix, it is essentially in a plain text format. - -#### Clear - -This command promptly purges all content from the information board. The -clearance includes both the contents and statuses of the information board. A -new operation (such as encryption) will automatically trigger this clearing -process. - -### Optional Actions Menu - -In addition to the Information Board, an Optional Actions Menu will be presented -below it. If any auxiliary operations can be performed post your main operation -(such as displaying more detailed information, sending encrypted text via email, -etc.), the access points for these supplementary tasks will be made available -here. - -## Key ToolBox - -This feature presents a comprehensive list of key pairs stored on your device, -intended for use with Gpg operations. The keys within the ToolBox are classified -into multiple categories, each corresponding to a unique usage context. -Additionally, the ToolBox provides access to a variety of common operations, all -of which can be found in the Key List Menu. - -### Usage - -Most Gpg-related operations require specifying a key pair (for tasks like -encryption, decryption, signature, etc.). You can select the checkbox in the -first column of the Key ToolBox's table to designate one or more keys for your -operation. Categories that contain only public keys are frequently utilized in -cryptographic scenarios. - -### Classification - -The ToolBox showcases categories via tabbed display. None of these categories -include any expired or revoked keys. To view such keys, you should refer to the -Key Manager. The default category comprises all private and public keys. During -any operation, only the keys from the currently selected category will be -considered for input. - -### Columns - -Understanding this list is crucial. Let's walk through its components step by -step. - -- **Select**: Check the box in this column to notify Gpg Frontend that you wish - to use the key from this row for your subsequent operation. - -- **Type**: This column informs you about the key type and whether the primary - key exists in your key pair. - - - `pub` signifies that it is a public key, which can be used for encryption or - verification operations. - - `pub/sec` indicates that the key pair contains both public and private keys. - It can be employed for nearly all operations (consult the 'Usage' column to - confirm this). - - `pub/sec#` shows that the key pair has a public key and a private key, but - the primary key is absent from the key pair. This suggests you won't be able - to perform certain specific operations (like adding subkeys, signing other - key pairs, etc.) - - `pub/sec^` implies that one or more keys (subkeys or master keys) from the - key pair are in the smart card. - - `pub/sec#^` denotes a simultaneous occurrence of the previous two - situations. - -- **Name**: Represents the identity information of the key pair. -- **Email Address**: Also denotes the identity information of the key pair. -- **Usage**: Determines which operations the key pair can execute. Composed of - four uppercase letters, each letter signifies a specific use. - - - `C` stands for Certificate. Key pairs containing the primary key generally - have this usage. - - `E` stands for Encrypt. The key pair can be used for encryption operations. - - `S` stands for Sign. The key pair can be used for signing operations. - - `A` stands for Authenticate. The key pair can be used to perform operations - like SSH authentication. - -- **Validity**: A Gpg concept that roughly represents the level of trust in this - key. - -## Operations Bar - -Here, you can execute corresponding operations by clicking on the buttons -provided. For instance, after inputting text into a text editor and specifying -the desired key in the key toolbox, you can click the encryption button to -perform the operation. - -Some operations require key specification, while others do not, as will be -detailed in the respective sections of this document. - -### Customization - -For operations that you may not use for a while, you have the option to uncheck -the associated function group in the top menu view. Conversely, for the -operations you frequently use, you have the ability to add them here. diff --git a/manual/basic/view-keypair-info.md b/manual/basic/view-keypair-info.md deleted file mode 100644 index b3374493..00000000 --- a/manual/basic/view-keypair-info.md +++ /dev/null @@ -1,195 +0,0 @@ -# View Key Pair Details - -You can view the details of a key pair by right-clicking on the key pair in the -key toolbox or key management interface and selecting "Show key details". - -This section may include a brief introduction to gpg-related concepts and could -be relatively long. - -Below is a screenshot of a friend's public key that I obtained from the key -server. - - - -And here is a randomly generated private key. The most significant difference -between this and the previous key is that the key pair with only the public key -is used for encryption only, but if you possess the private key, you can perform -more actions (it also depends on your algorithm; DSA can only be used for -signatures). - - - -## General Info - -This interface provides some useful information to help you manage your key pair -properly. - -### Owner - -This section enables you to know the owner of this key pair. This information is -not fixed and can be changed. You can create a new UID in the UID section and -set it as the primary UID to change it. - -According to the OpenPGP protocol, this part is divided into Name, Email, and -Comment. - - - -### Primary Key - -This part is the information of the primary key of the key pair. The primary key -is very crucial because without it, you cannot perform related management -operations like adding and revoking sub-keys (similar to not being able to open -the key ring). Let's introduce the information of the primary key separately -below. If you want to learn more, see the [Basic Concepts](../basic-concepts.md) -section. - -The absence of the master key means that the private key of the master key does -not exist, but this doesn't mean that neither the public key nor the private key -exists. Please remember: Each subkey and primary key consist of a pair of public -and private keys. - - - -#### Key ID - -This is the unique identifier of the key, which is fixed and unchanging. Note -that this key ID is the key ID of the primary key. The key ID is uniquely -determined after the key is generated. Compared with the fingerprint, the key ID -is shorter and more user-friendly. - -#### Algorithm - -This refers to the algorithm used for key generation. This also pertains to the -generation algorithm of the primary key. The generation algorithm determines the -properties and capabilities of the key. Algorithms such as RSA can be used for -encryption and signature, but DSA can only be used for signature. However, the -DSA key length can be shorter. - -#### Key Size - -This is the length of the primary key. Generally, the longer the key, the harder -it is to crack the ciphertext. But at the same time, it takes more time for a -single operation. Generally speaking, a length of 2048 bits is safe enough (this -refers to the key generated using the RSA algorithm). - -#### Normal Usage - -This refers to what the key pair can conceptually be used for, including the -conceptual usage of the primary key and sub-key. When the primary key or subkey -generation can be used to sign, but it has already expired or does not exist, -the signature usage will still be displayed here. - -#### Actual Usage - -This is the actual usage of the primary key and all subkeys, which is the union -of their usage. If there is only one primary key in the key pair that can be -used for signing, but this primary key does not exist, then the signature usage -will not appear here, only in Normal Usage. In addition, when there is only one -subkey that can be used for signing, if it has expired, the signature purpose -will not be displayed here. - -#### Expires on - -This is the expiration time of the primary key. When the primary key expires, it -will become invalid and you can't use it for any operation. In addition, the -subkeys in the key pair will also be unavailable. Fortunately, you can change -the expiration time of the primary key at any time, or even set it to never -expire. The prerequisite for this is that the primary key exists in the key -pair. - -#### Last Update - -This is the time when the content of the key pair was last updated. Operations -such as adding a UID or subkey will modify the content of the key pair. - -#### Secret Key Existence - -This indicates whether the actual content of the primary key exists. When the -primary key does not exist, if there are still available subkeys in the key -pair, the key pair can still be used for normal operations. However, in the -above case, the content of the key pair cannot be modified (that is, operations -such as adding UID or subkey cannot be performed), and the key pair cannot sign -other key pairs. - -### Fingerprint - - - -The fingerprint of the key pair is used for humans to quickly compare whether -the key pair is the expected key pair. This field is unique for all keys in the -world. You can certainly do this with the key ID mentioned above. - -This also refers to the fingerprint of the primary key. - -## UID Info - -User ID (UID) is used to identify a key, mainly for human identification. It's -similar to a name tag that accompanies a key ring, indicating who the key ring -belongs to. By looking at the UID, users can get a rough idea of whether a key -pair is what they expected. However, for accurate identification, fingerprints -or key IDs should be compared. A key can have multiple UIDs, but a key pair can -only have one primary UID, which is always listed first in the interface. - - - -UID has three elements: Name, Email, Comment. The name should be at least five -characters long, and the email should conform to the format. The rules for -comments are relatively loose. - -### Signature of UID - -The lower section of the interface displays the signature of the selected User -ID (UID), not the checked one. This is a key trust system. When someone receives -your public key, they can use their private key to sign your nameplate, -indicating their recognition of your public key. Afterward, they can upload the -keyring with their signature to the keyserver. If many people do the same, the -public key on the keyserver will have numerous signatures, making it -trustworthy. - -You can also use the primary key of another key pair to sign a UID. Generally, a -primary UID of a key pair with many valid signatures is considered more -trustworthy. - -## Subkey Info - -The sub-key mechanism is a crucial feature of GPG that improves both flexibility -and security. However, it also introduces some complexity, which can be -challenging for beginners. For a basic understanding, consider the following -points: - -- A key pair can be likened to a key ring, comprising a primary key (a pair of - public and private keys) and multiple subkeys (or none). -- Each subkey and primary key consists of a pair of public and private keys. -- The subkey can perform related operations (such as signing, encryption) in the - absence or unavailability of the primary key. -- The functions of subkeys can overlap, and when both subkeys can be used for - signing, the earlier one is selected. -- Subkeys can use more algorithms than the primary key, but usually have the - same effect on daily operations. -- The disclosure of a subkey only affects that subkey, while the disclosure of - the primary key endangers the entire key pair. - -The primary key and all subkeys in the key pair are displayed on the interface. -Some information about the key is also listed below. - -### Key In smart card - -Whether a key is in the smart card refers to whether the key is moved to the -smart card. Moving the key to the smart card changes the structure of the key -and is irreversible. - -### Operations - -In this column, what you can do differs for a key pair that only has a public -key and a key pair that includes a private key. - -Here's what you can do with a public key-only key pair: - - - -And here's what you can do with a key pair that includes a private key: - - - -These operations will be explained in detail throughout the documentation. diff --git a/manual/contract.md b/manual/contract.md deleted file mode 100644 index 5b095c3b..00000000 --- a/manual/contract.md +++ /dev/null @@ -1,146 +0,0 @@ -# Contact Information - -Please avoid discussing business or political matters here. This space is -dedicated to fostering the well-being and advancement of humanity. If you have -any technical questions or suggestions on how to enhance this software, your -insights are very much welcome. - -For correspondence, I strongly prefer plain text emails over HTML formatted -messages. - -## Personal Details - -- **Name:** Eric -- **Email:** [[email protected]](mailto:[email protected]) (Server location: Federal - Republic of Germany) -- **Preferred Email Format:** Plain text, without HTML enhancements. - -### About My Domain - -The domain BKTUS (Bakantu Union US) is not a commercial entity but rather a -personal domain name of mine. - -### Language Proficiency - -I am proficient in the following languages and welcome communication in any of -them: - -1. English -2. Chinese -3. German - -### Secure Communication (GPG Public Key) - -For secure and encrypted communication, below is my long-term PGP public key. -Please ensure any encrypted messages are sent in plain text format and avoid -rich text formats like HTML. - -``` ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQGNBGCVnvEBDACuEcjxckb4rocHGU7VPT/OOOOZapNG/0ViB3XhmzNh7q8QJiq6 -M4z0fpC5sf1pHXbbKtehLETrAUTFuaEp19askZI0ISoz5+qKGZuaM3bDZWBjwUpt -woVgUphfeZy2DFsnmTtVj9CRU9Nma6smXVFud3Roj2ImZ0NFrkdETvprfLJ7jqk/ -mXgznNbbJdqmQ4l0I1E91VmrqHHHSakh3grzRDj/GuDookQl2JZfLA0J55qOYdkF -5mmnqbYURGVcP2oot/wSrrWH0F/WatwRx9w+jZjrJWgKjJoqWwvzG8WGop1XkRn1 -Ea3Nzj/KsSL7C5YRu03BL7wNu6UNIJ/zsAnNLp87nCY85w+HnNGHkL3QcnqNQbQP -3aySOkIjXdT8AlGIV5r5wO/RBg4e+xASGzQXx9lYbjJiiIOP2uLxYGGFbalDoiCa -sonlXzMZTJrK7VvZ2UsnSnBJ8l/EPsY/AeZdWbmswQaFsJlfNsZZ6T5Rfyjtu8a3 -fwPJTTsbfIB6N3EAEQEAAbQbU2F0dXJuZXJpYyA8ZXJpY0Bia3R1cy5jb20+iQHO -BBMBCAA4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE4zeUicObcnDnDi4w -Oq8cZBN87lcFAmCWg1kACgkQOq8cZBN87leJfQv/ShjV9PRi8ixlJ1Ez1TDG+4N9 -EHoi2IwVK1UF51kA9lxyD+8n1ZHpcz7bRXV+YhHAO4A2l1ENrkCJVIZK9OO+Z64l -TPKCV9JVSkxcpnr6sqKJ76Zplwah1ZkwAG9tdK9H95wgeIkO4oSRutX/cCJ35Gko -FfhbV+/OyPYTT2562SZeQ2VqnptGLm0eF+FVt0HP4uxvRyGfgHQD46Ki6dr/JOXQ -j57S06CIHGj1RT4uQVSx53gbFvfIgweHsWraRWwY8jMrgOazlo/KRHG4N04eQdzM -K+WA80ODKuXdhnlGFMhn3RCFZpRV+Upso9syJ1FFChzsuX69+mRPvAojEDnREgd9 -s61nx5xWy6vKMB9oZiomNuPw2EScBwS9EK0M6APqgBaIdL6HOC7kjxBLfqgyhulD -qGZXWNvFj5P2FNMVwSvK1cYftYz+QWqB5BhbJT2H/HpF2xNsH7jfTxwUp6KrN1Bz -geNWgpQDXS5ZXU7dk22BwSah3nXs+LJi3Sloeh/piQHUBBMBCAA+FiEE4zeUicOb -cnDnDi4wOq8cZBN87lcFAmCVnvECGwMFCQPC1M8FCwkIBwIGFQoJCAsCBBYCAwEC -HgECF4AACgkQOq8cZBN87le3zAv/fMnxVMORS5rz/vsc0X8YSldmM1MqdIKSNghK -nQKKnzTBtTKA/oHEyPhjnQRaCfi4eUGeUsdZq8fwbN6sWSmbhJ6cOVgIps9YcS/U -sCV4egUHGy/+ozgDSh563v82ROWxXjszcnFz0F2d4stgroe8A//3OgQDv1wuhMJe -vtSZe8W8ebj7mt0zNjccGQzNkWo82mOyZfjgvK//vWisW4JwP8gfEKBgAktj5MCY -iGS2NbWPAToDIPCA6hKPb3sHQIY2/tGkKwyvr4oxwYRkNq4T5PWcV0p3qRsQudHp -ZXGiL3VNIW04ihLcn8uxSE6sQK2eq5wp/6Wnt1EWG1xb0pU2nPFuAlULHsGxM+bB -YJOk5WzYST1xdgXW3QxVsIoTuVqA+ehqrzvu+gGCz4uenFt6OAswqR7ii8D/Tpso -RAU0nTEOAVpCxXAMgsdUS6jOjtyfTHixGlVL6U3dY3wTuqWdbxmYX/g00PnOTYF0 -1plvf21NHMeYLk68+1nRbtqoLnPViQG5BBABCgAjFiEEnGCv/tNBLyJzYTX+0QUx -Uz7XYkoFAmG6ODgFg2shizAACgkQ0QUxUz7XYkq+BQwAxEzCMKxa21iKv9P7S6Vh -/ZrPMWPzRMoNjMGFeNHxYzyO6lKojoCVsdHaRvqqSota8wVGHglsg4FEZgkqEy+S -kTwMsorqzVhxAtzG9K1pU+wGouT5UPBXFGjusbLfxigxvuIGEVD2025FroE4xvMG -WnyD7r0leWkbF0z1crms2jbPcH0E7nbiiVHA6iOuBV5jo6qm1UxvJH3izSCocrDC -/yqPXg5cng6BPnctcWFzXbVGcB1HQ4LdiN4HWvB7q1mwRG2+qwL+UBybGsMpP+oa -YlIGP0FxNureXJgg8bVGcOOLITmuQ1xTOFu/1lUzk1QBqNql0mvqqScSYsAJxQcy -d95MFFeRLnQ3fJU18YrvlLtJIFxrLE+9IVCQsM3XGblXLCltIEgAunp1ylaVtb/w -4ScbQ/a5vWILh80L3dxcvVe1RlZe6cRwOb4aXRQm7osVaZ/boiaJ1nHYGdrh+qxi -QprHmOXeSPVV708VRaY9t8tSiLCRwVQO1e5e8GeXzIv/uQINBGCWgxEBEAC1Eho3 -A6ksoDWiC+nODHz8Dw95cIq8o9n+Wz7ywnxFJltvyWZ34c3nayi2PeH1cZlc7XXb -dYtbkXuf8zcdrNEFEuUihR/mRae5CZdeZRnoMQKar1WhnfQI8dYMRm/8GhJxcQcx -k0SmnOJ5t7avntKpj1wg423sHbDOLexVxg60PJ5z70FRCgQS/+CtJ9E3/UvN7Nvw -Bz1djQl631cr8iYpsYKjEw3OzMZB4U7Y16DiFUbrk0geNNHDMxQ6nYP0ZXXjP+a7 -bGPnPSY/zNMvDafONJbxvSz17Cy9rAfjmz5cFLyd0xTdH6mcepkEldTU5H1eNJIx -mFo2T5yk6BXCWZsaE1RniNI81Vmv98AGmCljsGFy1jjZDcNlVIzBKaIZkDZSjLuQ -rHaq2bVDSiCHrHmar1Aoc4O6H5RzVeFurGF7JK/+NbG+daFGppEwEhj4fq8VtdGR -C9iN23DAdm8FHIXlU6x1JRt0u6ePIh4pOXbAypGGbTLaWL6dtMT7NsJyC4Y+0gxm -rpXTwzc5lkbFPWNlmhw6LfLSrC4ClpC8C+TsakKaONtKyr/KRs9QxJAeoCHvthj/ -3+/aQGHm7bV8E+a0/Kd0B5lM3K6QnZ2ryl5xWA96pP+xKz8afnpPVx6Q8Qi5SRTF -DgrWwtqHXPgb6ODxWoI8iPjIEfql93rMEQ/HvQARAQABiQPyBBgBCAAmAhsCFiEE -4zeUicObcnDnDi4wOq8cZBN87lcFAmG6N+8FCQTmG90CQMF0IAQZAQgAHRYhBMRK -HkzKVcw8ggq55DpQORmv+khfBQJgloMRAAoJEDpQORmv+khfVPoQALOfRST9qQkA -56xQq5pN/JlXjwMjzXHkpuyBJcyVrqMX+lzpM+0j+1YeJj8ckY98pbRJxTebS7wz -hfFvgMDDDB6yvU518Zydh8Am2Iny4ABpjazKviKGoEyQwGb5ZKeJt4B3usw2L/VC -GxSnZwePBW8LWoTZvS4zG6jQ3JywbfiLojvz11LunOelpfi/Z7TklS29ckp0YrCO -ImMeCfNBnBWjI5SRY0ObhrdI4QK3auMxS2ICX005enDPFkwDYijtmug4KWcW9ZJ3 -yjo3WrKnkHBLOGXAejX/QXMP10HthHvORQPqgpcbiDE0+Zenw8Pg14GX0kdHJcAO -KzGO4QlL7kcQo3NSwzgm8h3v2T1AJ7ZTTSq1xInF8YvDnac3KtP6w0edzjMsxYRl -6W28WvPRfwfeh9uPSFv8GnnzelSqUm+vd1TspfALUNrUQL8u2MWMoVECCigrmoY3 -aIm9xphTROu641vTFFX3nyIb6ZwSWmPLafGIWKwxdFPQzLmK0y3D7uVbEe4L5RWN -9CH9Vwmr6QJ6vnjWsSHUwyCnyUNnIACzwX86IBDnkfkWOC6OOnSBgmhGE6WyJnCX -bptBlQAqDG9E9aDlyB1ndYcuOomp2ChsTJo30tX9d3K+hdVNfJfECjAWYTUwWs8N -iHV2roHZ26q8hLKdtMz0PnGhkfhNcGZjCRA6rxxkE3zuV1CBC/0aOW74yuxVTBhi -c+UNCjbHAZxc6gB8DnhuFp/h0FFfWR5SPKE7KjiZSAH38fzp9i1JT2KMfcDBrs4m -PPCaN7KHViU8Z9YF2FDCn+xqhDvm9j64FNYnTihWttgMM3AbZI+LPbwGl+Uaa4vF -n+sXrUqag8hu7fnCzoE+YPj03CUxSzCw4jXHh0Dyan33msEN6n6G6/XRG073HXxt -xiEaAeNDE+izq98WIfH1c4DVpKFPlD9DVdaCWHzl6vzU3d04g+sUQuMqrScm+rcm -BYCa+SRWnyl2q0dhnG1XjONOBNAZGorB9ooKH5HBFUVeFNsM4ufA+oRp+1XlaqXo -Tc7l+JeDEsVK1fmQljNRhBshaxk8fLPmCi1rmApME33aEGDsg8uc3IZXPe3r8cmY -D/AVSQI5MdPpXqq1VWv+faXL0lZtECtfOXp6l81OX5hqCC7hp6eW7gMofi02YiXU -aBwg2Kx/x2IxG7u9givkBV4oysiedKLNYWUTqjB2aKcRyWISCn+4MwRhujfiFgkr -BgEEAdpHDwEBB0DvyZqcMWkH1WlSfOywXkKTbITdzBKzaf4jtd3g+kjaC4kCMwQY -AQoAJhYhBOM3lInDm3Jw5w4uMDqvHGQTfO5XBQJhujfiAhsiBQkDwtdvAIEJEDqv -HGQTfO5XdiAEGRYIAB0WIQQKoW+sJgfi4tfYq0XFuG82AZ5SpwUCYbo34gAKCRDF -uG82AZ5Sp8xMAQCc6Q7vJXYXIoShHk4RmT1vkAy68k8XgHn9Kw+jbAze4gD9F22u -wWfbsFjiMLUOE2uWlwuLmJN827DBaVw5eOx9HA1F1AwAgFTv4dNTS0jKKIncUN4Y -XX4fA7UbBrwLY8jTAV49V+D+hoFfv09hG+q4xwKwe1yFrgacsHOXnXpTJz6ipU08 -GP9vTheyxSfQUvaWXLzHcGXkaV6aCBsDVWdQ8MHXujOsx/hjQSTDruygmEyc1nFi -aF1BLQDtTXW7GIiQX/l/uLVlnMNI4kdt7YUxjkUL6xD+U5q43B4KyGVIU9+ps4Mr -9wCWS/lot66VLT4FUVTFDF0c8hwEdxVZagZvExlv2SaW3XidRWL5xVAElRs/fgRn -dKFCFDJ1rOLUwj25r6zgu2zXlQ2RHWjgzhLzZmhzv3IX0mI9s5D6bJWy+6/HNCs8 -bTSq0Af79FCdZfPT8GVlY9NWcwsMthxiYJ/cbc/D+w4dX771lP2dU/KZkKuGxdhA -jGWqnGt8lqL3PEIsf1ylPDx6b7peFABWfGlPVUmpik2lTemlqWNPLX5gGmiiktGm -lZ6+bATms7izrrSs521ZKWoUT5TI+qQ7Paq/qsF5zIBGuQGNBGCVnvEBDAC8zNpS -GRHUp+X7hit0bCDPP8HR+rxH50rOVFtQNyXw32lkIrwnHq0Y7FR4t7OSWTkX1xvx -hXMILQdTBxKKrBtFIpQ44cO1UcklkYdCwE/F0lasLLfleo2NlG7ISwNEOxmJcWiw -mkLHN3CnqXpXXqpGDTRavbuhE7yRewp/jNSCsikrvL7NedB5Ef5EZmSkvx7kXibX -KzgKcyft5OlylRMUJS8gzzTPA+xMH/Cl1zFCSgymJw1DK1wx+u0ye2Oj7NDdrYtR -R1qLpCq7kaGIPvIW556/58sj+/YRGeP5JTjhYFk/K8QQr8cK6HWuJQVASJUP+KBk -8CiaqzbOPjlq69eGOymraa8H7JvSR5ArJWPczOxQyiEbYABOtJk1ZSz4v4pa7+RL -UfwFOYuTMyBoY3rJuGhVxA77oHftfjteH1YcKyJXrWnJEA2UbUmyRa5cwZ8S7HXO -IvMhCQS897TzjpablfnIKE0n99c2ylJ4y4fHYSXYDKiCPKniFio8CxfqY+cAEQEA -AYkBvAQYAQgAJhYhBOM3lInDm3Jw5w4uMDqvHGQTfO5XBQJglZ7xAhsMBQkDwtTP -AAoJEDqvHGQTfO5XFbAL/0XZJW6XUca9d7f6Ft/0crMILRKID5uuSaLN1jG7BuLT -wyWPhi7eSWbZQmlDFun/E3vHFj3U/WG13DJL6M89f3707R6rKxT1B17Ht53bO9zH -qJ9KesP1G+mR3phkhnxoQFlFvfSASZbDFtwEm3eZs55UBY4EPYf9MV+qPT0iNu1K -PVX427uQfI0Ic/m4xFAO2XI11wMunDQoXi7rjknjYWxqVyGgqgRLrBD1Bb/aLenK -N9Wn4FajEDaYrgpH46HHyhAOJ2RZbenWO689rZY6/0qPwDGRL7B2xiktu2G+e5JM -JjuRhwEB0g63G8M1MVuRGr/PvrBjs58kF47rxWpp2xmo8dqCHjNS3ze9pl6oyshP -a1J5zeDTNk3Ujgr9IJEzWLDWv9PP9ApcSD15Ia60bxSvsC8FJAZh81JEadLywx0Q -NBLmnMP3Dxpd21LKW8cWXa31F6E6eNf/45h7UGxVBRoOdPQ/Kwg4z69V9T/AXOuK -65XgtG5ajwlmoQcvVx7KIg== -=syqc ------END PGP PUBLIC KEY BLOCK----- -``` - -This setup is designed to maintain privacy and security in our communications. diff --git a/manual/contribute/contribute.md b/manual/contribute/contribute.md deleted file mode 100644 index 29044bc5..00000000 --- a/manual/contribute/contribute.md +++ /dev/null @@ -1,95 +0,0 @@ -# Contributing to GpgFrontend - -Thank you for considering contributing to GpgFrontend! As a community-driven -project currently maintained by a single individual, every contribution, no -matter how small, makes a significant difference. This guide is designed to -provide you with a clear pathway to contributing, whether you're submitting -changes via GitHub pull requests or sending git patches via email. Below, you'll -find the steps to set up your environment, make changes, and how to submit those -changes. Additionally, you'll find contact information for further assistance. - -## Technical Requirements - -To maintain the integrity and compatibility of GpgFrontend, please adhere to the -following technical standards for all contributions: - -- **C++ Standard:** Contributions must comply with the C++17 standard. This - requirement ensures that we leverage modern language features and maintain - forward compatibility. -- **C Standard:** For code that involves C programming, adherence to the C99 - standard is required. This helps ensure our code takes advantage of more - recent language features while maintaining compatibility with various - platforms and compilers. -- **Compiler Compatibility:** Your code should compile successfully with both - Clang and GCC compilers. This cross-compatibility is crucial for ensuring that - GpgFrontend can be built on a variety of platforms and environments. -- **Third-Party Libraries:** Introducing third-party libraries should be done - with caution. Any added library must be compatible with the GPL 3.0 license. - Prior discussion with project maintainers about the necessity and implications - of the new library is required. -- **Code Formatting:** Use our `.clang-format` and `.clang-tidy` configurations - to format your code. Consistent code formatting aids in maintaining the - readability and maintainability of the codebase. -- **Code Maintenance and Attribution:** Be aware that the project maintainer may - edit your code to better fit the project or enhance compatibility. You are - encouraged to include your name and contact information in the code comments - for your contributions if you wish. - -### Additional Standards to Consider - -- **Static Analysis:** To ensure code quality and catch potential issues early, - contributions should pass static analysis checks where applicable. Tools like - Clang Static Analyzer or GCC's `-Wall -Wextra -pedantic` flags can be used to - identify potential issues. -- **Unit Testing:** If your contribution adds new functionality or changes - existing behavior, including unit tests to cover your changes is highly - recommended. This helps ensure that your contributions do not inadvertently - break existing functionality. -- **Documentation:** Update existing documentation or add new documentation as - necessary to reflect your changes or additions to the project. Well-documented - code is essential for future maintenance and for new contributors to - understand the project. - -## Getting Started - -### Step 1: Set Up Your Environment - -Make sure you have a configured Git environment. For GitHub contributions, fork -the repository and clone it locally. For email contributions, ensure Git is -installed on your machine. - -For setting up local development Environment, you can refer to [this -section](setup-dev-env.md). - -### Step 2: Making Changes - -Create a new branch for your work, implement your changes while adhering to the -technical requirements and standards mentioned, and commit your changes with -clear, descriptive commit messages. - -### Step 3: Submitting Contributions - -#### Via GitHub Pull Request - -Push your changes to your fork and submit a pull request to the original -repository. Ensure your pull request describes the changes made and the reason -for those changes. - -#### Via Email with Git Patch - -For email submissions, generate a git patch for your commits and send it to the -project's contribution email address. Make sure to include a detailed -description of your changes and the reasons for them in your email. - -## Contact - -If you have any technical questions or need assistance, refer to the Contact -document for the maintainer's email address. We are here to help and encourage a -collaborative development process. - -## Conclusion - -Your contributions are vital to the success and improvement of GpgFrontend. We -appreciate your efforts to adhere to these guidelines and look forward to your -innovative and high-quality contributions. Thank you for being a part of our -community. diff --git a/manual/contribute/setup-dev-env.md b/manual/contribute/setup-dev-env.md deleted file mode 100644 index 532208a5..00000000 --- a/manual/contribute/setup-dev-env.md +++ /dev/null @@ -1,118 +0,0 @@ -# Setting Up Your Local Development Environment - -Creating a local development environment that mirrors the GitHub Actions -workflow ensures consistency between local development and continuous -integration builds. This guide leverages the steps defined in our GitHub Actions -workflow to help you set up a similar environment on your local machine. By -following these steps, you'll be able to compile, build, and test the project in -an environment closely resembling our CI pipeline, minimizing integration -issues. The exact commands and environment configurations used during the -compilation are documented within the project's `.github/workflow/release.yml` -file. - -## Prerequisites - -- **Git:** Installed and configured on your system. -- **Compilers:** GCC and Clang for cross-compatibility. -- **CMake:** For generating build files. -- **Qt6:** If working on a project that utilizes Qt for its GUI. - -## Environment Setup Steps - -### Clone the Repository - -```bash -git clone https://github.com/saturneric/GpgFrontend.git -cd GpgFrontend -``` - -### Configure Git Line Endings - -This step ensures that line endings are consistent across different operating -systems. - -- **For Windows:** - -```bash -git config --global core.autocrlf false -git config --global core.eol lf -``` - -- **For macOS:** - -```bash -git config --global core.autocrlf false -git config --global core.eol lf -``` - -### Install Dependencies - -- **On Ubuntu 20.04:** - -```bash -sudo apt-get update -sudo apt-get install -y build-essential binutils git autoconf automake gettext texinfo gcc g++ ninja-build libarchive-dev libssl-dev libgpgme-dev -``` - -- **On macOS (11 and 12):** - -```bash -brew install cmake autoconf automake texinfo gettext openssl@3 ninja libarchive gpgme -brew link --force openssl@3 - -``` - -- **For Windows (via MSYS2):** Set up MSYS2 according to its documentation and - install the necessary packages: - -```bash -pacman -Syu -pacman -S mingw-w64-x86_64-gcc mingw-w64-x86_64-make mingw-w64-x86_64-cmake autoconf automake make texinfo mingw-w64-x86_64-qt6 libintl msys2-runtime-devel gettext-devel mingw-w64-x86_64-ninja mingw-w64-x86_64-gnupg mingw-w64-x86_64-libarchive -``` - -### Install Qt6 (if applicable) - -Use the Qt online installer or your package manager to install Qt6 and the -required modules for your project. - -### Build Third-Party Libraries (if needed) - -Follow the project's documentation to clone and build necessary third-party -libraries such as `libgpg-error`, `libassuan`, and `GpgME`. Use the same -commands as specified in the GitHub Actions workflow, adapted for your local -environment. - -### Configure and Build the Project - -- **For Linux and macOS:** - -```bash -mkdir build && cd build -cmake .. -DCMAKE_BUILD_TYPE=Release -make -j$(nproc) -``` - -- **For Windows (via MSYS2):** - -```bash -mkdir build && cd build -cmake .. -G "MinGW Makefiles" -DCMAKE_BUILD_TYPE=Release -mingw32-make -j$(nproc) -``` - -### Running Tests - -After building, run the project's tests to verify everything is working as -expected. - -## Notes - -- Adjust the build type (`Release`, `Debug`, etc.) as needed. -- Replace project-specific commands and dependency installation commands based - on your project's requirements. -- For macOS, additional steps for code signing and notarization are required only - for distribution. - -By closely following the GitHub Actions workflow for local setup, you're -creating a development environment that minimizes surprises during the -integration and deployment phases. diff --git a/manual/contribute/translate-interface.md b/manual/contribute/translate-interface.md deleted file mode 100644 index 7f09da54..00000000 --- a/manual/contribute/translate-interface.md +++ /dev/null @@ -1,45 +0,0 @@ -# Translate Interface - -GpgFrontend is designed to support multiple languages, but requires volunteer -contributions to achieve this goal. Fortunately, translation work does not -require an understanding of difficult technology. Volunteers only need to move -their fingers to complete. - -## Work Offline - -### What you need to know about translation work - -From v2.1.2, GpgFrontend uses the Qt translation support library [Qt -Linguist](https://doc.qt.io/qt-6/qtlinguist-index.html) in the Qt project. -Before starting everything, you need to know something about this library. After -you are sure about the content of the document, you can first try to see how -GpgFrontend uses the tools provided by this library. - -### About translation files - -1. Download or clone source code - [HERE](https://github.com/saturneric/GpgFrontend) -2. You will find some ts files(.ts) at path `resource/lfs/locale/ts` - -### Before starting your work - -In order to facilitate coordination, please contact me via email before you -start this work. This is very important, please contact me first so that the -work you do can be better used by GpgFrontend. - -### Updates to Translation Work Process - -- **For correcting existing translations**: You can directly modify the ts files - and then send them to me via email. -- **For adding a new language translation**: If you're unfamiliar with the - process, you can request a new ts file by emailing me. I will provide you with - the necessary file to start the translation for the new language. - -### Hand in your work - -You can submit your great work in two ways: - -1. Raise a pull request and merge the changed translation file(s) to the - repository. -2. [Email ME](mailto:[email protected]). Please attach the changed ts file in the - email. diff --git a/manual/downloads.md b/manual/downloads.md deleted file mode 100644 index f1c3fde1..00000000 --- a/manual/downloads.md +++ /dev/null @@ -1,50 +0,0 @@ -# Downloads - -GpgFrontend is available for download through multiple channels. For more -detailed instructions on installation and getting started, please refer to the -[Quick Start Manual](quick-start.md). - ---- - -## Download Options Across Platforms - -### GitHub Releases - -- **Latest Release Download**: Click the badge below to directly navigate to the - GitHub page for the latest release download. - - [](https://github.com/saturneric/GpgFrontend/releases/latest) - -### SourceForge - -- **SourceForge Download**: Access the download page on SourceForge through the - download button below. - - [](https://sourceforge.net/projects/gpgfrontend/files/latest/download) - -### Homebrew Cask - -- **Homebrew Cask**: Mac users can check the version information through the - badge below or install using the command line. - - [](https://formulae.brew.sh/cask/gpgfrontend) - - Install command: - - ``` - brew install --cask gpgfrontend - ``` - -### Flatpak - -- **Flatpak Installation**: Linux users can click the image below to navigate to - the Flathub page for installation. - - [](https://flathub.org/apps/com.bktus.gpgfrontend) - -### Microsoft Store - -- **Microsoft Store Download**: Windows users can visit the application store - page through the Microsoft Store badge below. - - <ms-store-badge productid="9NH716MQK2B5"></ms-store-badge> diff --git a/manual/faq.md b/manual/faq.md deleted file mode 100644 index 135c6567..00000000 --- a/manual/faq.md +++ /dev/null @@ -1,96 +0,0 @@ -# Frequently Asked Questions (FAQ) - -## Understanding GpgFrontend - -**What is GpgFrontend?** GpgFrontend is a user-friendly, cross-platform tool -designed to facilitate the use of OpenPGP encryption, making it easier for -individuals to protect their privacy and secure their communications. - -**What can I do with GpgFrontend?** Beyond basic encryption and decryption, -GpgFrontend supports digital signatures to verify the integrity and origin of -messages. Users can manage and generate key pairs, encrypt files and emails, and -sign their communications for added security. - -**How can I obtain and start using GpgFrontend?** You can download the latest -version of GpgFrontend from its GitHub repository. Visit [GpgFrontend's -Downloads Page](https://www.gpgfrontend.bktus.com/#/downloads) to find the most -recent release. Installation is straightforward: just follow the ReadME -instructions to set it up. - -## OpenPGP and GnuPG Explained - -**How do OpenPGP and GnuPG relate?** OpenPGP serves as a standardized protocol -for encrypting and decrypting data, which GpgFrontend supports. GnuPG, or GPG, -implements the OpenPGP standard, providing the necessary cryptographic -functions. GpgFrontend leverages GnuPG for operations like encryption, -decryption, and key management. - -**Which operating systems does GpgFrontend support?** GpgFrontend is a -cross-platform application that supports Windows, macOS, and Linux, making it -accessible to nearly all users for their privacy and data protection needs. - -## Troubleshooting GnuPG Installation Issues - -**Encountering 'GnuPG not installed correctly'?** This issue typically arises -when GpgFrontend cannot locate GnuPG on your system. Here are steps to address -this based on your operating system: - -### For macOS Users - -- **Install GnuPG for OSX** from - [here](https://sourceforge.net/p/gpgosx/docu/Download/), or install - GpgFrontend using Homebrew with `brew install --cask gpgfrontend`. -- If GnuPG is installed in a custom location, please tell GpgFrontend where the - gpgconf binary it is at GnuPG Controller. - -### For Linux Users - -- Install GnuPG via your package manager (apt, yum, etc.). -- If GnuPG is installed in a custom location, please tell GpgFrontend where the - gpgconf binary it is at GnuPG Controller. - -### For Windows Users - -- The latest GpgFrontend versions include GnuPG. It's recommended to download - the most recent GpgFrontend version. -- Alternatively, download GnuPG from - [here](https://www.gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.0_20221216.exe) - and reinstall if necessary. - -### Additional Assistance - -- For more detailed guidance, refer to the quick start manual available at - [Quick Start Guide](quick-start.md). - -## Reporting Bugs and Contributing - -**Found a bug?** If you encounter any issues with GpgFrontend, please report -them via the GitHub repository. You can also contact me directly if you're not -on GitHub; see the [Contact](contract.md) section for details. - -**Interested in contributing?** Feel free to modify GpgFrontend's code and -submit a Pull Request with your enhancements. You can also send patches via -email if you prefer to contribute anonymously. - -## Why the Need for GnuPG? - -**Importance of Installing GnuPG** GpgFrontend itself does not handle direct -encryption or decryption; it requires GnuPG for these operations. This design -choice ensures higher security, allowing users to rely on their own verified -version of GnuPG. - -## Understanding BETA Versions - -**What does "BETA" signify in a release?** A "BETA" label indicates that the -version may not have undergone comprehensive testing, particularly for new -modules. While beta versions are carefully evaluated post-release, and stable -versions are published when ready, the aim is to avoid beta releases from -version 2.0.0 onwards, barring exceptional circumstances. - -## Security and Privacy - -**How does GpgFrontend ensure my communications are secure?** GpgFrontend uses -GnuPG to implement the OpenPGP standard, securing your data with robust -encryption algorithms to prevent unauthorized access. It supports public and -private key encryption methods, ensuring only intended recipients can decrypt -and read your messages. diff --git a/manual/features/introduce.md b/manual/features/introduce.md deleted file mode 100644 index bf0e57c7..00000000 --- a/manual/features/introduce.md +++ /dev/null @@ -1,8 +0,0 @@ -# Introduce Features - -GpgFrontend provides some advanced functions that can meet the needs of certain -scenarios. - -These are the primary features as of the current version. As GpgFrontend -continues to evolve, additional features may be added to enhance its -capabilities and user experience.
\ No newline at end of file diff --git a/manual/features/key-package.md b/manual/features/key-package.md deleted file mode 100644 index de364908..00000000 --- a/manual/features/key-package.md +++ /dev/null @@ -1,59 +0,0 @@ -# KeyPackage Functionality - -## Overview - -The KeyPackage is a feature designed to securely package and transfer key data -between different devices. It encapsulates both the public and private keys of -multiple key pairs, ensuring that users can maintain cryptographic functionality -across various platforms. This document outlines the process of creating, -exporting, and safely transferring a KeyPackage. - -## Creating a KeyPackage - - - -## Exporting the KeyPackage - -After configuring the export settings: - -1. Click on the 'OK' button to create the KeyPackage. -2. The interface will generate two files: - - A `.gpgpack` file containing the packaged keys. - - A `.key` file which should be kept confidential and deleted after the transfer is complete. - -## Security Notice - -When the KeyPackage is successfully created, a message will inform you that the -package is protected with encryption algorithms (e.g., AES-256-ECB) and is safe -to transfer. However, it emphasizes that the key file must not be disclosed -under any circumstances. Users are advised to delete the KeyPackage file and the -key file as soon as possible after the transfer is complete. - -## Transferring the KeyPackage - -To transfer the KeyPackage: - -1. Use a secure transfer method to move the `.gpgpack` file to the target - device. This could be through a secured network connection, encrypted email, - or a physical device like a USB drive, which should be encrypted as well. -2. Once transferred, import the KeyPackage into the key management tool on the - target device using the passphrase set during the creation process. - -## After Transfer: Importing and Verifying - - - -## Best Practices - -- Always ensure that you are transferring key data over a secure channel. -- Keep the passphrase strong and confidential. -- Delete the KeyPackage files from all devices and any intermediaries (like - email servers or cloud storage) after the transfer is complete to prevent - unauthorized access. - -## Conclusion - -The KeyPackage feature streamlines the process of transferring key data between -devices while maintaining high security standards. By following the steps -outlined in this document, users can effectively manage their cryptographic keys -across multiple platforms. diff --git a/manual/features/sync-all-public-keys.md b/manual/features/sync-all-public-keys.md deleted file mode 100644 index 2658f84e..00000000 --- a/manual/features/sync-all-public-keys.md +++ /dev/null @@ -1,71 +0,0 @@ -# Synchronizing Public Keys with Key Server - -Keeping your public keys in sync with those stored on a key server is crucial -for secure communications. This synchronization ensures that any changes to -public keys, such as revocations or the addition of subkeys, are reflected in -your local keyring. Without this, you may be vulnerable to security risks like -man-in-the-middle attacks or authentication errors. - -Here's a structured guide to maintaining public key synchronization using the -GpgFrontend's Public Key Sync feature. - -## Importance of Public Key Synchronization - -**Key Revocation:** If a key is revoked by its owner, it's vital to stop using -it immediately. Revocation might occur if the private key is compromised or if -the key is no longer used. - -**Subkey Updates:** If a new signing subkey is generated, it's essential for -your local gpg to recognize it. Without the updated information, gpg won't -authenticate signatures made with the new subkey. - -## How to Sync Public Keys - -GpgFrontend automates the public key synchronization process through a -user-friendly interface. Here’s how to use it: - -1. Open the **Key Management** interface. -2. Locate and click the **Sync Public Key** button. This initiates the automatic - synchronization. - - - -_Note: Replace the placeholder text with the actual link to the image showing -the Sync Public Key button._ - -The feature works by checking all the public keys in your possession against the -key server. If there's an updated version of a key you own, GpgFrontend will -import the new details to your local keyring. - -### Choosing the Right Key Server - -To know which key server GpgFrontend interacts with, follow these steps: - -1. Go to the settings section of GpgFrontend. -2. The default key server configured will be listed here. - - - -_Note: Replace the placeholder text with the actual link to the image showing -the key server settings._ - -If you need to use a different key server: - -1. Navigate to the key server settings within GpgFrontend. -2. Add your preferred key server's details. -3. Set it as the default for future synchronizations. - -## Best Practices for Key Synchronization - -- **Regular Sync:** Regularly sync your keys to ensure you have the latest - updates, especially before engaging in secure communication. -- **Verify Changes:** After syncing, verify any changes or updates to ensure - they are legitimate. -- **Secure Network:** Always perform key synchronization over a secure network - to prevent interception or tampering. - -## Conclusion - -By following this guide, you can ensure that your public keys are always -up-to-date, reflecting the current status on the key server, thereby maintaining -the integrity of your encrypted communications. diff --git a/manual/index.html b/manual/index.html deleted file mode 100644 index ff19b33d..00000000 --- a/manual/index.html +++ /dev/null @@ -1,39 +0,0 @@ -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="UTF-8"> - <title>GpgFrontend - An OpenPGP Frontend Tool</title> - <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> - <meta name="description" content="Description"> - <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0"> - <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/docsify-themeable@0/dist/css/theme-defaults.css"> - <link rel="shortcut icon" href="https://image.cdn.bktus.com/i/2024/02/24/b885d4e2-7695-1b0a-ec5e-a43d4102a5b7.webp" type="image/x-icon"> -</head> -<body> - <div id="app"></div> - <script> - window.$docsify = { - search: 'auto', - logo: 'https://image.cdn.bktus.com/i/2024/02/24/21268bd9-ed92-671b-561c-562e15de2ed2.webp', - name: 'GpgFrontend', - loadNavbar: true, - loadSidebar: true, - routerMode: 'history', - coverpage: true, - onlyCover: true, - subMaxLevel: 1, - repo: 'https://github.com/saturneric/GpgFrontend', - mergeNavbar: true, - alias: { - '/.*/_sidebar.md': '/_sidebar.md' - } - } - </script> - <script src="//cdn.jsdelivr.net/npm/docsify/lib/docsify.min.js"></script> - <script src="//cdn.jsdelivr.net/npm/docsify/lib/plugins/emoji.min.js"></script> - <script src="//cdn.jsdelivr.net/npm/prismjs@1/components/prism-bash.min.js"></script> - <script src="//cdn.jsdelivr.net/npm/prismjs@1/components/prism-php.min.js"></script> - <script src="//cdn.jsdelivr.net/npm/docsify-edit-on-github"></script> - <script type="module" src="https://get.microsoft.com/badge/ms-store-badge.bundled.js"></script> -</body> -</html> diff --git a/manual/overview.md b/manual/overview.md deleted file mode 100644 index e09c7bbd..00000000 --- a/manual/overview.md +++ /dev/null @@ -1,64 +0,0 @@ -# GpgFrontend: Your OpenPGP Companion - ---- - - - - - -[](https://www.codacy.com/gh/saturneric/GpgFrontend/dashboard?utm_source=github.com&utm_medium=referral&utm_content=saturneric/GpgFrontend&utm_campaign=Badge_Grade) -[](https://app.fossa.com/projects/git%2Bgithub.com%2Fsaturneric%2FGpgFrontend?ref=badge_shield) - -**GpgFrontend** stands as a premier, cross-platform, user-friendly, and compact -tool for all your [OpenPGP](https://www.openpgp.org/) encryption needs. Designed -for both beginners and experts in data security, GpgFrontend simplifies -encryption, decryption, and digital signing, offering a seamless interface for -managing OpenPGP tasks. Embrace the latest features of GnuPG 2.x, enhancing your -security in the digital age. - -**Document Version Reference: [v2.1.2](https://github.com/saturneric/GpgFrontend/releases/tag/v2.1.2)** - -## User Interface Glimpse - -_Note: GpgFrontend's appearance may vary across different operating systems and -themes. Always refer to the corresponding version of the software for the most -accurate documentation._ - - - -## Project Origins and Mission - -GpgFrontend inherits its core from the stable and user-friendly -[gpg4usb](https://www.gpg4usb.org/) project, aiming to introduce OpenPGP's new -features while maintaining simplicity and accessibility. My goal is to -ensure data security, making GnuPG's powerful tools available to all, -regardless of technical expertise. - -### A Commitment to Freedom and Security - -As a solo-maintained open-source project, GpgFrontend is a testament to the -power of community and the pursuit of privacy. It remains forever free, inviting -contributions, suggestions, and feedback from users worldwide. - -## Explore the Source - -Dive into the development journey on GitHub, where every line of code, each -update, and user feedback converge to refine and enhance GpgFrontend. - -- [GitHub Repository](https://github.com/saturneric/GpgFrontend) - -### License and Contributions - -Licensed under GPL-3.0, GpgFrontend champions open-source values. Contributions -are not just welcomed but essential—whether through issue reports, pull -requests, or code patches via email. - -## Ensuring Your Privacy - -With a serverless design, GpgFrontend guarantees your data stays yours alone. -For those requiring extra security layers, future versions will offer offline -functionality, further solidifying its stance as a privacy-first tool. - -GpgFrontend is more than software; it's a commitment to secure, accessible, and -open communication for everyone. Join us in this journey, where your security -and privacy are paramount. diff --git a/manual/quick-start.md b/manual/quick-start.md deleted file mode 100644 index 7c4f6218..00000000 --- a/manual/quick-start.md +++ /dev/null @@ -1,206 +0,0 @@ -# Getting Started with GpgFrontend - -Welcome to GpgFrontend, the cross-platform, OpenPGP encryption tool designed for -simplicity and security. This guide will walk you through the installation -process tailored to your operating system, ensuring you can start securing your -communications as quickly and efficiently as possible. - -## Before You Begin: Prerequisites - -**Note for Windows or macOS users who utilize Homebrew: You may skip this -prerequisites section.** - -GpgFrontend leverages the robust functionalities of GnuPG for encryption, -decryption, and key management. It is crucial to have GnuPG installed on your -device to make full use of GpgFrontend. Starting from version 2.0, GnuPG -operates on modular components for enhanced functionality, requiring proper -integration with your system. - -Be aware, due to GnuPG's inability to function within an App Sandbox, -GpgFrontend is not available through the Apple Store. - -For Linux users, most contemporary distributions come with GnuPG 2.0 -pre-installed. Check your GnuPG version with `gpg --version` in your terminal. -It is advisable to upgrade to GnuPG version 2.2 or later for optimal performance -and compatibility. - -## Installation & Execution Guide - -### For Windows Users - -#### Portable Version (No Installation Required) - -1. **Download** the portable version from [GpgFrontend's latest - releases](https://github.com/saturneric/GpgFrontend/releases/latest), labeled - `GpgFrontend-*******-windows-x86_64-portable.zip`. -2. **Extract** the contents of the downloaded ZIP file. -3. **Run** `GpgFrontend.exe` from the extracted `Program/bin` directory. - -#### Installer Version - -1. **Download** the installer from [GpgFrontend's latest - releases](https://github.com/saturneric/GpgFrontend/releases/latest), named - `GpgFrontend-*******-windows-x86_64-setup.exe`. -2. **Install** GpgFrontend by following the on-screen instructions. After - installation, you can access GpgFrontend directly from your desktop. - -### For macOS Users - -GpgFrontend's macOS packages are Apple-verified, allowing straightforward -opening without additional permissions. - -#### Using Homebrew Cask - -For an effortless install or removal process, use Homebrew Cask: - -1. Ensure **Homebrew** is installed. -2. **Install** GpgFrontend with the command `brew install --cask gpgfrontend`. -3. **Launch** GpgFrontend from your Launchpad. - -#### Manual Installation from DMG - -1. **Install GnuPG** via Homebrew or download it from [GPG for OS - X](https://sourceforge.net/projects/gpgosx/files). -2. **Download** the `GpgFrontend-*******-macos-**.dmg` file from [GpgFrontend's - releases](https://github.com/saturneric/GpgFrontend/releases). Select - `x86_64` for compatibility with Intel and Apple Silicon chips. -3. **Mount** the DMG file and **run** GpgFrontend. -4. **Optional:** Drag GpgFrontend into your Applications folder for easy access. - -### For Linux Users (AppImage) - -AppImage simplifies software distribution by bundling applications and all -necessary libraries into a single, executable file, eliminating dependency -conflicts. - -1. **Install GnuPG** if it's not already installed. - - Debian/Ubuntu: `sudo apt update && sudo apt install gpg` - - CentOS: `sudo yum install gnupg` -2. **Download** the AppImage from [GpgFrontend's - releases](https://github.com/saturneric/GpgFrontend/releases), labeled - `GpgFrontend-*******-linux-x86_64.AppImage`. -3. **Make it executable:** `chmod u+x ./GpgFrontend-***-linux-x86_64.AppImage`. -4. **Launch** the AppImage with a double-click or through the terminal. - -### BSD Users (FreeBSD/OpenBSD) - -Currently, there are no binary releases for BSD systems. However, GpgFrontend -can be compiled and run on BSD. Refer to the GitHub repository for build -instructions. - -## Downloading from GitHub Releases - -GpgFrontend is primarily distributed through GitHub Releases, ensuring -accessibility and eliminating the need for personal server management. - -Upon navigating to [GpgFrontend's download -page](https://github.com/saturneric/GpgFrontend/releases/latest), you'll find -detailed information about the latest version, including new features and fixes. -Each release is signed for security verification purposes, allowing users with -heightened security needs to confirm the authenticity of the downloaded files. - -Scroll down to the **Assets** section to select the appropriate version for your -operating system. The filenames include a unique identification number, crucial -for reporting any version-specific issues. - -Files ending in 'signature' are GPG separate signatures, which can be verified -with GPG to ensure they are officially released and approved by me. - -Select the version that suits your system or follows the provided instructions -to begin the download. - -By following these steps, you'll be ready to use GpgFrontend, enhancing your -digital security with powerful encryption tools at your fingertips. - -## Basic Operations with GpgFrontend - -After successfully installing GpgFrontend, you're ready to dive into the world -of encryption and secure communication. This guide will walk you through some -fundamental operations to get you started. - -### Generating Your First Key Pair - -1. Open GpgFrontend: Launch the application. -2. Access Key Management: Navigate to the "Key Management" section. -3. Generate Key Pair: Look for an option to "Generate" a new key pair. -4. Fill in your details, such as name and email, and choose your desired key - type and size. You can also add a comment if you wish. -5. Set an expiration date for the key, or choose 'Never Expire' if you prefer. -6. Create a passphrase for your key to ensure its security. Remember to use a - strong passphrase that you won't forget. -7. Once all details are filled in, click 'OK' to generate your key pair. - -### Encrypting - -1. **Write a Message:** Start by writing a message in the main text area of - GpgFrontend. -2. **Choose Recipient:** Select the public key of the message's recipient. If - you're practicing, you can select your own public key. -3. **Encrypt:** With the recipient's public key selected, click on the "Encrypt" - option. The text will be encrypted, making it readable only by the selected - recipient. - -### Decrypting - -1. **Receive an Encrypted Message:** Copy the encrypted message into - GpgFrontend's main text area. -2. **Decrypt:** Click on the "Decrypt" option. If the message was encrypted with - your public key, you would need to enter the password for your private key to - decrypt it. - -### Signing - -1. **Create a Message:** Type your message in the text area. -2. **Sign:** Choose the "Sign" option and select your private key. Enter your - key's password to sign the message. This adds a digital signature that - verifies you as the message's sender. - -### Verifying - -1. **Receive a Signed Message:** Paste the signed message into GpgFrontend. -2. **Verify:** Click on "Verify" to check the signature. If the signature - matches the sender's public key, GpgFrontend will confirm the message's - integrity and authenticity. - -### Key Management and Sharing - -#### Exporting and Sharing Your Public Key - -1. Go to 'Manage Keys'. -2. Select your key pair and choose 'Export Key'. -3. Save your public key to a file or copy it to the clipboard to share it with - others. - -#### Importing a Public Key - -To communicate securely with someone else, you need their public key. Click -'Import key'. You can import a key file or copy and paste the public key -directly. After importing, the public key will appear in your keyring, ready for -use. - -### Exchanging Public Keys with Friends - -1. **Export Your Public Key:** From the "Key Management" section, find the - option to export your public key. Save it as a file or copy it to your - clipboard. -2. **Share Your Public Key:** Send your public key to your friend via email, - messaging app, or any secure channel you prefer. -3. **Import Your Friend's Public Key:** When your friend sends you their public - key, import it into GpgFrontend using the "Import" option in the "Key - Management" section. - -By exchanging public keys, you establish a secure channel for encrypted -communication. Only the holder of the corresponding private key can decrypt -messages encrypted with a public key, ensuring privacy and security in your -communications. - -## Conclusion - -GpgFrontend is a powerful tool for enhancing your digital security. By -generating key pairs, encrypting and decrypting messages, signing documents, and -exchanging public keys, you can safeguard your communications in a world where -privacy is increasingly precious. As you become more familiar with these -operations, explore further features and settings within GpgFrontend to tailor -your security practices to your needs. Remember, the cornerstone of digital -security is practicing safe key management and password hygiene. Welcome to the -secure side! |
