feat: fit documents to v2.1.3
This commit is contained in:
parent
47434d191d
commit
0d806fc1d0
@ -45,9 +45,9 @@ export default defineConfig({
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
label: "Reference",
|
label: "Extra",
|
||||||
autogenerate: {
|
autogenerate: {
|
||||||
directory: "reference",
|
directory: "extra",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
|
@ -70,7 +70,42 @@ To transfer the KeyPackage:
|
|||||||
2. Once transferred, import the KeyPackage into the key management tool on the
|
2. Once transferred, import the KeyPackage into the key management tool on the
|
||||||
target device using the passphrase set during the creation process.
|
target device using the passphrase set during the creation process.
|
||||||
|
|
||||||
## After Transfer: Importing and Verifying
|
## After Transfer: Importing
|
||||||
|
|
||||||
|
To import the KeyPackage after transferring it to the target device, follow
|
||||||
|
these steps:
|
||||||
|
|
||||||
|
![Importing KeyPackage](https://image.cdn.bktus.com/i/2024/06/15/a086df66-bdac-74fb-9a2c-35cddd224564.webp)
|
||||||
|
|
||||||
|
1. **Initiate Import**:
|
||||||
|
|
||||||
|
- Open the key management tool on the target device and click on the "Import
|
||||||
|
Key" button.
|
||||||
|
|
||||||
|
2. **Select KeyPackage Option:**
|
||||||
|
|
||||||
|
- As shown in the image, from the dropdown menu, select the "Key Package"
|
||||||
|
option. This indicates that you will be importing a KeyPackage.
|
||||||
|
|
||||||
|
3. **Select KeyPackage File**:
|
||||||
|
|
||||||
|
- A file selection dialog will appear. First, choose the `.gpgpack` file that
|
||||||
|
you transferred. This file contains the packaged keys.
|
||||||
|
|
||||||
|
4. **Select Key File**:
|
||||||
|
|
||||||
|
- After selecting the `.gpgpack` file, another file selection dialog will
|
||||||
|
prompt you to choose the corresponding key file. This key file is used to
|
||||||
|
decrypt the KeyPackage.
|
||||||
|
|
||||||
|
5. **Import Keys**:
|
||||||
|
- Once both files are selected, the key management tool will automatically
|
||||||
|
import the keys contained within the KeyPackage. You will be prompted to
|
||||||
|
enter the passphrase that was set during the creation of the KeyPackage to
|
||||||
|
complete the import process.
|
||||||
|
|
||||||
|
By following these steps, you can securely import your cryptographic keys from
|
||||||
|
the KeyPackage into the key management tool on the target device.
|
||||||
|
|
||||||
## Best Practices
|
## Best Practices
|
||||||
|
|
||||||
|
@ -28,23 +28,37 @@ authenticate signatures made with the new subkey.
|
|||||||
GpgFrontend automates the public key synchronization process through a
|
GpgFrontend automates the public key synchronization process through a
|
||||||
user-friendly interface. Here’s how to use it:
|
user-friendly interface. Here’s how to use it:
|
||||||
|
|
||||||
1. Open the **Key Management** interface.
|
1. **Open the Key Management Interface**:
|
||||||
2. In the list of public keys, you can now select specific keys to sync by
|
|
||||||
checking the boxes next to them.
|
|
||||||
3. Locate and click the **Sync Public Key** button. This initiates the automatic
|
|
||||||
synchronization for the selected keys. If no keys are selected, all public
|
|
||||||
keys will be synchronized. In this case, a confirmation prompt will appear to
|
|
||||||
confirm full synchronization.
|
|
||||||
|
|
||||||
![Sync Public Key
|
- Navigate to the Key Management interface by clicking on the "Manage Keys"
|
||||||
Button](https://image.cdn.bktus.com/i/2023/11/16/e2129464-6bd7-3fd4-e359-3a1f7a25bfd6.webp)
|
button in the main interface.
|
||||||
|
|
||||||
_Note: Replace the placeholder text with the actual link to the image showing
|
2. **Select Keys to Sync**:
|
||||||
the Sync Public Key button._
|
|
||||||
|
|
||||||
The feature works by checking all the public keys in your possession against the
|
- In the list of public keys, you can select specific keys to sync by
|
||||||
key server. If there's an updated version of a key you own, GpgFrontend will
|
checking the boxes next to them. If you want to sync all public keys, you
|
||||||
import the new details to your local keyring.
|
do not need to select any specific keys.
|
||||||
|
|
||||||
|
3. **Click the Sync Public Key Button**:
|
||||||
|
|
||||||
|
- Locate and click the **Sync Public Key** button. This button is represented
|
||||||
|
by a cloud icon with a refresh symbol, located in the toolbar at the top of
|
||||||
|
the Key Management interface.
|
||||||
|
- If you have selected specific keys, the synchronization process will
|
||||||
|
initiate for those keys. If no keys are selected, a confirmation prompt
|
||||||
|
will appear, asking you to confirm if you want to synchronize all public
|
||||||
|
keys.
|
||||||
|
|
||||||
|
4. **Synchronization Process**:
|
||||||
|
- The feature works by checking all the public keys in your possession
|
||||||
|
against the key server. If there is an updated version of a key you own,
|
||||||
|
GpgFrontend will import the new details to your local keyring.
|
||||||
|
|
||||||
|
![Sync Public Key](https://image.cdn.bktus.com/i/2024/06/15/8771cd76-1a46-321e-8bf9-93d8db2a9f78.webp)
|
||||||
|
|
||||||
|
By following these steps, you can ensure that your public keys are always
|
||||||
|
up-to-date, enhancing the security and reliability of your cryptographic
|
||||||
|
communications.
|
||||||
|
|
||||||
### Choosing the Right Key Server
|
### Choosing the Right Key Server
|
||||||
|
|
||||||
@ -53,7 +67,7 @@ To know which key server GpgFrontend interacts with, follow these steps:
|
|||||||
1. Go to the settings section of GpgFrontend.
|
1. Go to the settings section of GpgFrontend.
|
||||||
2. The default key server configured will be listed here.
|
2. The default key server configured will be listed here.
|
||||||
|
|
||||||
![Default Key Server Setting](https://image.cdn.bktus.com/i/2023/11/16/9bcac7e1-e058-84a0-520b-039c64eb3443.webp)
|
![Default Key Server Setting](https://image.cdn.bktus.com/i/2024/06/15/03471d32-54f2-2be7-53a3-eeee03f74372.webp)
|
||||||
|
|
||||||
_Note: Replace the placeholder text with the actual link to the image showing
|
_Note: Replace the placeholder text with the actual link to the image showing
|
||||||
the key server settings._
|
the key server settings._
|
||||||
|
84
src/content/docs/extra/algorithms-comparison.md
Normal file
84
src/content/docs/extra/algorithms-comparison.md
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
---
|
||||||
|
title: Comparison of Cryptographic Algorithms
|
||||||
|
sidebar:
|
||||||
|
label: Comparison of Algorithms
|
||||||
|
---
|
||||||
|
|
||||||
|
When choosing cryptographic algorithms for key management and data security,
|
||||||
|
it's important to understand the differences and use cases for RSA, DSA, ECDSA,
|
||||||
|
and ECDH. Here’s a detailed comparison to help you make an informed decision:
|
||||||
|
|
||||||
|
## RSA (Rivest-Shamir-Adleman)
|
||||||
|
|
||||||
|
- **Key Characteristics**: RSA is one of the most widely used public key
|
||||||
|
algorithms. It was introduced in 1977 and is based on the difficulty of
|
||||||
|
factoring large prime numbers.
|
||||||
|
- **Key Sizes**: Typically, RSA keys are 2048 bits or larger. For higher
|
||||||
|
security, keys up to 4096 bits are used.
|
||||||
|
- **Use Cases**: RSA is versatile and can be used for both encryption and
|
||||||
|
digital signatures. It is widely supported in legacy systems and remains a
|
||||||
|
standard for SSL/TLS certificates.
|
||||||
|
- **Performance**: RSA operations, particularly key generation and decryption,
|
||||||
|
can be slower compared to elliptic curve algorithms due to larger key sizes.
|
||||||
|
- **Security**: Provides strong security, but larger key sizes are required as
|
||||||
|
computational power increases.
|
||||||
|
|
||||||
|
## DSA (Digital Signature Algorithm)
|
||||||
|
|
||||||
|
- **Key Characteristics**: DSA, introduced by NIST in 1991, is primarily used
|
||||||
|
for digital signatures and is not suitable for encryption.
|
||||||
|
- **Key Sizes**: Typically uses 1024 to 3072-bit keys, with a recommended
|
||||||
|
minimum of 2048 bits for new deployments.
|
||||||
|
- **Use Cases**: Mainly used for digital signatures in various security
|
||||||
|
protocols. It is less common than RSA and ECDSA.
|
||||||
|
- **Performance**: Faster at generating keys compared to RSA but slower in
|
||||||
|
verification. Requires a secure random number for each signature, which if
|
||||||
|
compromised, can lead to vulnerabilities.
|
||||||
|
- **Security**: Suitable for digital signatures, but less versatile and not as
|
||||||
|
widely supported as RSA and ECDSA.
|
||||||
|
|
||||||
|
## ECDSA (Elliptic Curve Digital Signature Algorithm)
|
||||||
|
|
||||||
|
- **Key Characteristics**: ECDSA is based on elliptic curve cryptography (ECC)
|
||||||
|
and provides equivalent security to RSA with much shorter key lengths.
|
||||||
|
- **Key Sizes**: Commonly uses 224-bit keys for the same security level as
|
||||||
|
2048-bit RSA keys. Higher security levels can be achieved with 256, 384, or
|
||||||
|
521-bit keys.
|
||||||
|
- **Use Cases**: Used for digital signatures, particularly in constrained
|
||||||
|
environments like mobile devices and IoT due to its efficiency.
|
||||||
|
- **Performance**: More efficient and faster than RSA for the same security
|
||||||
|
level. Requires less computational power and bandwidth.
|
||||||
|
- **Security**: Offers strong security with smaller key sizes, making it
|
||||||
|
suitable for environments with limited
|
||||||
|
resources.
|
||||||
|
|
||||||
|
## ECDH (Elliptic Curve Diffie-Hellman)
|
||||||
|
|
||||||
|
- **Key Characteristics**: ECDH is used for key exchange based on elliptic curve
|
||||||
|
cryptography. It is commonly paired with ECDSA for secure communications.
|
||||||
|
- **Key Sizes**: Similar to ECDSA, ECDH uses shorter keys for equivalent
|
||||||
|
security levels (e.g., 256-bit ECDH for 128-bit security).
|
||||||
|
- **Use Cases**: Ideal for establishing shared secrets over an insecure channel,
|
||||||
|
often used in conjunction with ECDSA for encryption and authentication.
|
||||||
|
- **Performance**: Efficient in terms of computational power and key size.
|
||||||
|
Suitable for applications requiring secure key exchange.
|
||||||
|
- **Security**: Provides robust security with smaller keys, making it efficient
|
||||||
|
for both performance and security.
|
||||||
|
|
||||||
|
## Algorithm Flexibility in Primary Keys and Subkeys
|
||||||
|
|
||||||
|
Primary keys are typically limited to RSA, DSA, and ECDSA due to their critical
|
||||||
|
role in establishing trust and signing other keys. These algorithms are
|
||||||
|
well-established and extensively audited, providing robust security for identity
|
||||||
|
verification.
|
||||||
|
|
||||||
|
Subkeys, however, are often used for specific operational tasks such as
|
||||||
|
encryption and authentication. This allows them to utilize a broader range of
|
||||||
|
algorithms like ECDH, which is optimized for key exchange. The flexibility in
|
||||||
|
choosing algorithms for subkeys enhances their efficiency and allows
|
||||||
|
cryptographic operations to be tailored to specific use cases, providing both
|
||||||
|
performance and security benefits.
|
||||||
|
|
||||||
|
By understanding the strengths and appropriate use cases for each algorithm, you
|
||||||
|
can choose the best cryptographic solution for your needs, ensuring both
|
||||||
|
security and efficiency in your operations.
|
@ -6,63 +6,113 @@ GpgFrontend offers a fast and convenient method for working with files. The
|
|||||||
encryption and decryption process for files is nearly identical to that of text,
|
encryption and decryption process for files is nearly identical to that of text,
|
||||||
with the exception that file operations involve binary input and output.
|
with the exception that file operations involve binary input and output.
|
||||||
|
|
||||||
## File Extension Introduction
|
## Using File Browser for Encryption and Decryption
|
||||||
|
|
||||||
For ciphertext in ASCII format, the file extension is typically "asc" and these
|
After clicking the **File Browser** button, a system directory selection dialog
|
||||||
files can be opened with a text editor. On the other hand, if the ciphertext is
|
will appear. Follow these steps to perform encryption, decryption, and signing
|
||||||
in binary format, the file extension will be "gpg". Binary ciphertext files are
|
operations:
|
||||||
generally smaller than ASCII format.
|
|
||||||
|
1. **Open File Browser**:
|
||||||
|
|
||||||
|
- Click the **File Browser** button in the toolbar at the top of the
|
||||||
|
interface. This will open a system dialog allowing you to choose a
|
||||||
|
directory.
|
||||||
|
|
||||||
|
2. **Select Directory**:
|
||||||
|
|
||||||
|
- In the system dialog, navigate to the desired directory and select it. Once
|
||||||
|
selected, a new tab named "File Browser" will open in GpgFrontend,
|
||||||
|
displaying the contents of the chosen directory.
|
||||||
|
|
||||||
|
3. **Select a File**:
|
||||||
|
|
||||||
|
- In the File Browser tab, you will see a list of files and folders within
|
||||||
|
the selected directory. Click on the file you want to encrypt, decrypt, or
|
||||||
|
sign.
|
||||||
|
|
||||||
|
4. **Encrypt the File**:
|
||||||
|
|
||||||
|
- To encrypt a file, first select the file in the File Browser. Then, in the
|
||||||
|
**Key Toolbox** on the right, select the public key of the recipient by
|
||||||
|
checking the box next to the desired key. Finally, click the **Encrypt**
|
||||||
|
button in the toolbar at the top.
|
||||||
|
|
||||||
|
5. **Decrypt the File**:
|
||||||
|
|
||||||
|
- To decrypt a file, select the encrypted file in the File Browser. Ensure
|
||||||
|
you have the corresponding private key in your keyring. Click the
|
||||||
|
**Decrypt** button in the toolbar. If the correct key is available, the
|
||||||
|
file will be decrypted.
|
||||||
|
|
||||||
|
![File Operations](https://image.cdn.bktus.com/i/2024/06/15/a8d7bf2f-54f6-ccc6-7bdd-8bb0d2ba44af.webp)
|
||||||
|
|
||||||
|
By following these steps, you can easily manage file encryption, decryption, and
|
||||||
|
signing using the GpgFrontend's File Browser feature. This streamlined process
|
||||||
|
allows you to handle your cryptographic needs directly from the file system
|
||||||
|
interface.
|
||||||
|
|
||||||
|
## File Extension Requirements
|
||||||
|
|
||||||
|
GpgFrontend supports different file extensions for various cryptographic
|
||||||
|
operations. Understanding these extensions helps in properly managing encrypted
|
||||||
|
and signed files. Here’s a breakdown of the file extensions used:
|
||||||
|
|
||||||
|
#### ASCII Format
|
||||||
|
|
||||||
|
- **.asc**: Files with the ".asc" extension are in ASCII format. These files
|
||||||
|
contain ASCII-armored ciphertext, which is a text representation of the
|
||||||
|
encrypted data. ASCII format is typically used for easy sharing via email or
|
||||||
|
text editors, as it ensures compatibility with text-based applications.
|
||||||
|
|
||||||
|
#### Binary Format
|
||||||
|
|
||||||
|
- **.gpg**: Files with the ".gpg" extension are in binary format. Binary
|
||||||
|
ciphertext files are more compact than their ASCII counterparts and are
|
||||||
|
generally used for more efficient storage and transmission. They cannot be
|
||||||
|
viewed directly in text editors, as the content is in a binary format.
|
||||||
|
|
||||||
|
#### Combined Content
|
||||||
|
|
||||||
|
- **.gpg**: When you use the encryption and signing functions together,
|
||||||
|
GpgFrontend generates a file with the ".gpg" extension. This file contains
|
||||||
|
both the encrypted content and the signature, ensuring that the recipient can
|
||||||
|
verify that the ciphertext originates from you.
|
||||||
|
|
||||||
|
To perform decryption and verification operations, you need to use files with
|
||||||
|
either the ".gpg" or ".asc" extension. These files contain the necessary
|
||||||
|
ciphertext and signature content required for these operations.
|
||||||
|
|
||||||
|
By adhering to these file extension requirements, you can ensure that your
|
||||||
|
encrypted and signed files are correctly recognized and processed by
|
||||||
|
GpgFrontend.
|
||||||
|
|
||||||
|
### Default Output Mode
|
||||||
|
|
||||||
Before version 2.0.4, GpgFrontend generated ciphertext files exclusively in
|
Before version 2.0.4, GpgFrontend generated ciphertext files exclusively in
|
||||||
ASCII format. However, beginning with version 2.0.4, GpgFrontend now generates
|
ASCII format. However, beginning with version 2.0.4, GpgFrontend now generates
|
||||||
ciphertext files in binary format by default. This setting can be adjusted in
|
ciphertext files in binary format by default. This setting can be adjusted in
|
||||||
the program's settings.
|
the program's settings.
|
||||||
|
|
||||||
![image-20220112073548736](https://image.cdn.bktus.com/i/2023/11/16/980bff72-7271-b639-e63b-ff1d274edc95.webp)
|
### Changing Output Mode
|
||||||
|
|
||||||
## File Browser
|
To change the output mode between ASCII and binary formats, follow these steps:
|
||||||
|
|
||||||
From the top menu's "File" option, you can access the file browser by pressing
|
1. **Open Settings**:
|
||||||
Ctrl/Command + B. After choosing target directory at system navigator, you
|
|
||||||
can then use the file browser tab to do some operations on files. By using the
|
|
||||||
file browser, you can navigate to your working directory and right-click on the
|
|
||||||
file you wish to work with. This will open a pop-up menu, where you can select
|
|
||||||
the operation you want to perform on the file.
|
|
||||||
|
|
||||||
![image-20220112072034647](https://image.cdn.bktus.com/i/2023/11/16/6a137a63-ae76-d45c-b425-5c3e5961aa2d.webp)
|
- Navigate to the GnuPG Controller settings within GpgFrontend. This can be
|
||||||
|
done by accessing the settings menu from the main interface.
|
||||||
|
|
||||||
Located at the top of the file tab are two control buttons. The button on the
|
2. **Locate Binary Mode Option**:
|
||||||
left allows you to navigate up one level in the directory hierarchy, while the
|
|
||||||
button on the right refreshes the input box on the left with the corresponding
|
|
||||||
path.
|
|
||||||
|
|
||||||
On the far right of the file tab, there is a button with useful options that you
|
- In the settings interface, under the "General" section, locate the option
|
||||||
can select to show system files or hidden files.
|
labeled "Use Binary Mode for File Operations".
|
||||||
|
|
||||||
![image-20220112072335503](https://image.cdn.bktus.com/i/2023/11/16/1cc208dc-75f7-6e1f-f802-149ed18095af.webp)
|
3. **Toggle Binary Mode**:
|
||||||
|
- Check or uncheck this option to switch between binary (gpg) and ASCII (asc)
|
||||||
|
output formats. Checking the box will enable binary mode, while unchecking
|
||||||
|
it will revert to ASCII format.
|
||||||
|
|
||||||
### Encrypt & Sign
|
By following these steps, you can customize how GpgFrontend handles the format
|
||||||
|
of ciphertext files according to your preference or needs.
|
||||||
|
|
||||||
GpgFrontend recommends using the encryption and signature functions in this
|
![Locate Binary Mode Option](https://image.cdn.bktus.com/i/2024/06/15/1a82922d-4a68-d315-f388-5571a4d93e8f.webp)
|
||||||
method, so that the recipient can verify that the ciphertext originates from
|
|
||||||
you. You can select one or more recipients' public keys as well as your own
|
|
||||||
private key to complete this operation.
|
|
||||||
|
|
||||||
When the operation is complete, a file with the ".gpg" extension is generated.
|
|
||||||
This file contains both encrypted content and signed content.
|
|
||||||
|
|
||||||
![Peek 2022-01-12 07-26](https://image.cdn.bktus.com/i/2023/11/16/e7b1cf22-483d-91a4-e1d1-475ba10c51ad.gif)
|
|
||||||
|
|
||||||
### Decrypt & Verify
|
|
||||||
|
|
||||||
When decrypting this ciphertext, it undergoes verification, which enhances
|
|
||||||
security. Additionally, you can perform a "Only Verify" operation which verifies
|
|
||||||
the content without decrypting it. To use this operation, you must select a file
|
|
||||||
with a ".gpg" or ".asc" extension, which contains the ciphertext and signature
|
|
||||||
content.
|
|
||||||
|
|
||||||
To encourage users to verify whether the ciphertext is signed or not when
|
|
||||||
decrypting, Gpg Frontend does not provide a separate decryption operation for
|
|
||||||
this.
|
|
||||||
|
|
||||||
![Peek 2022-01-12 07-24](https://image.cdn.bktus.com/i/2023/11/16/bf3cca62-d28a-83bd-8676-7cb1bcf94f4c.gif)
|
|
||||||
|
@ -4,125 +4,110 @@ sidebar:
|
|||||||
order: 3
|
order: 3
|
||||||
---
|
---
|
||||||
|
|
||||||
Sure, let's go through the process of generating a key pair and subkeys.
|
GpgFrontend makes it easy to generate a key pair or a subkey for encryption,
|
||||||
|
signing, and authentication. Follow the steps below to create your own keys.
|
||||||
|
|
||||||
To generate a key pair using GpgFrontend, follow these steps:
|
## Steps to Generate a Key Pair
|
||||||
|
|
||||||
1. Open GpgFrontend and click on the "Generate Key" button.
|
![Generate A Key Pair](https://image.cdn.bktus.com/i/2024/06/15/5df15149-1890-2645-8452-e7c4798ccd16.webp)
|
||||||
2. Fill in the required information, such as your name and email address.
|
|
||||||
3. Choose the type of key you want to generate (RSA, DSA or ECC).
|
|
||||||
4. Set the key size and expiration date, if desired.
|
|
||||||
5. Create a passphrase to protect your private key.
|
|
||||||
6. Click "Generate" to create your key pair.
|
|
||||||
|
|
||||||
Once your key pair is generated, you can add subkeys to it by following these
|
1. **Open Key Management**:
|
||||||
steps:
|
|
||||||
|
|
||||||
1. Select the key pair you want to add a subkey to.
|
- Click on the "New Keypair" button in the Key Management interface. This
|
||||||
2. Click on the "Add Subkey" button.
|
will open the Generate Key dialog box.
|
||||||
3. Choose the type of subkey you want to add (encryption, signing,
|
|
||||||
authentication, or all).
|
|
||||||
4. Set the subkey size and expiration date, if desired.
|
|
||||||
5. Create a passphrase to protect your subkey.
|
|
||||||
6. Click "Add" to create your subkey.
|
|
||||||
|
|
||||||
You can add multiple subkeys to a key pair, each with their own specific
|
2. **Fill in Basic Information**:
|
||||||
purposes. This allows you to have more control over your key pair's security and
|
|
||||||
usage.
|
|
||||||
|
|
||||||
## Generate Key Pair
|
- **Name**: Enter your name. The name should be at least 5 characters long.
|
||||||
|
- **Email Address**: Enter your email address. It should follow the correct
|
||||||
|
email format.
|
||||||
|
- **Comment**: Optionally, add a comment to help differentiate this key pair
|
||||||
|
from others.
|
||||||
|
|
||||||
You can quickly understand the process of generating a key pair by watching the
|
3. **Set Expiration Date**:
|
||||||
following animation.
|
|
||||||
|
|
||||||
![GIF](https://image.cdn.bktus.com/i/2023/11/16/711f0379-eea6-ee25-2072-8e77d07d2ad5.gif)
|
- Choose an expiration date for the key pair. By default, GpgFrontend
|
||||||
|
suggests setting the expiration date to two years after generation.
|
||||||
|
- Alternatively, you can check the "Never expire" checkbox to make the key
|
||||||
|
pair permanent. This option can be changed later, even after the key has
|
||||||
|
expired.
|
||||||
|
|
||||||
### Name & Email & Comment
|
4. **Select Key Size and Type**:
|
||||||
|
|
||||||
The three fields, including name, email, and comment, are used to help users
|
- **Key Size**: Choose the key size. The default size is 2048 bits. Note that
|
||||||
differentiate this key pair from other key pairs they may have. Among these
|
the size option is only applicable when the key type is RSA or DSA.
|
||||||
three options, name and email are mandatory, while comment is optional.
|
- **Key Type**: Select the type of key you want to generate. Available
|
||||||
|
options include RSA, DSA, ECDSA, ECDSA + ECDH, ECDSA + ECDH NIST P-256, and
|
||||||
|
ECDSA + ECDH BrainPool P-256. For key types with a plus sign (e.g., ECDSA +
|
||||||
|
ECDH), a primary key and a corresponding subkey will be generated.
|
||||||
|
|
||||||
It is important to note that the name should be at least 5 characters long, and
|
5. **Set a Passphrase**:
|
||||||
the email should follow the correct format (no actual email account is
|
|
||||||
required).
|
|
||||||
|
|
||||||
![uid](https://image.cdn.bktus.com/i/2023/11/16/3ad515e0-6d9e-6507-552c-55101da16836.webp)
|
- It is crucial to set a passphrase to protect your private key. Uncheck the
|
||||||
|
"Non Pass Phrase" checkbox and enter a strong, unique passphrase.
|
||||||
|
- If you prefer not to set a passphrase (not recommended for security
|
||||||
|
reasons), you can leave the "Non Pass Phrase" checkbox checked.
|
||||||
|
|
||||||
### Expiration Date
|
6. **Select Key Usage**:
|
||||||
|
|
||||||
Setting an expiration date for the key pair is a way to limit the validity of
|
- Specify the usage for the key pair. Options include:
|
||||||
the key over time. Once the expiration date is reached, the key can still be
|
- **Encryption**: For encrypting data.
|
||||||
used, but its operations, especially signature operations, will be considered
|
- **Signing**: For creating digital signatures.
|
||||||
invalid. By default, GpgFrontend suggests setting the expiration date to two
|
- **Certification**: For certifying other keys (only for primary keys).
|
||||||
years after generation, but you can also choose to check the "Never expire"
|
- **Authentication**: For authentication purposes, such as SSH keys.
|
||||||
checkbox to make the key pair permanent.
|
- Note that some usages may not be available depending on the selected key
|
||||||
|
type. For example, the DSA algorithm does not support encryption.
|
||||||
|
|
||||||
It's important to note that this option can be changed at any time after
|
7. **Generate the Key Pair**:
|
||||||
generation, even after the expiration date has passed, as long as the primary
|
- After filling in all the necessary information and selecting the desired
|
||||||
key still exists.
|
options, click the "OK" button to generate your key pair.
|
||||||
|
|
||||||
![expiration-date](https://image.cdn.bktus.com/i/2023/11/16/ce9b446d-a7a0-2944-b8e4-3517c0d3a861.webp)
|
By following these steps, you can generate a secure key pair using GpgFrontend,
|
||||||
|
tailored to your specific needs for encryption, signing, and authentication.
|
||||||
|
|
||||||
### Key Size & Algo
|
## Steps to Generate a Subkey
|
||||||
|
|
||||||
Setting an expiration date for the key pair is a way to limit the validity of
|
![Generate A Subkey](https://image.cdn.bktus.com/i/2024/06/15/a56c83bc-72ad-6232-1764-6fef5aeceddd.webp)
|
||||||
the key over time. Once the expiration date is reached, the key can still be
|
|
||||||
used, but its operations, especially signature operations, will be considered
|
|
||||||
invalid. By default, GpgFrontend suggests setting the expiration date to two
|
|
||||||
years after generation, but you can also choose to check the "Never expire"
|
|
||||||
checkbox to make the key pair permanent.
|
|
||||||
|
|
||||||
It's important to note that this option can be changed at any time after
|
1. **Open Key Management**:
|
||||||
generation, even after the expiration date has passed, as long as the primary
|
|
||||||
key still exists.
|
|
||||||
|
|
||||||
![keysize-algo](https://image.cdn.bktus.com/i/2023/11/16/4ce5ecfa-7ad0-7a81-cbe1-2ea93f7872ea.webp)
|
- In the Key Management interface, right-click on the key pair you wish to
|
||||||
|
add a subkey to. Select the "New Subkey" option from the context menu.
|
||||||
|
|
||||||
### Passphrase
|
2. **Fill in Basic Information**:
|
||||||
|
|
||||||
Setting a password to protect the primary key is crucial in case of a security
|
- **Key Type**: Select the type of subkey you want to generate. Available
|
||||||
breach. If the "Do not set password" checkbox is unchecked, you will be prompted
|
options include RSA, DSA, ECDSA, ECDH, ECDH NIST P-256, ECDH NIST P-384,
|
||||||
to enter a password during the key pair generation process. Follow the prompts
|
ECDH NIST P-521, ECDH BrainPool P-256, ECDH BrainPool P-384, and ECDH
|
||||||
to set the password. Once the password is set, whenever you need to use the
|
BrainPool P-512.
|
||||||
primary key for an operation, you will need to enter the password to unlock it
|
- **Key Size**: Choose the key size. This option is only applicable when the
|
||||||
(some systems have a password manager to automate this process).
|
key type is RSA or DSA.
|
||||||
|
- **Expiration Date**: Set an expiration date for the subkey. You can also
|
||||||
|
choose to check the "Never expire" checkbox to make the subkey permanent.
|
||||||
|
|
||||||
However, you can also check the "Do not set password" checkbox to skip setting a
|
3. **Set a Passphrase**:
|
||||||
protection password for the primary key. But this is not recommended due to
|
|
||||||
security concerns.
|
|
||||||
|
|
||||||
### Usage
|
- If the primary key has a passphrase, the subkey's passphrase must be equal
|
||||||
|
to it. Ensure that the "Non Pass Phrase" checkbox is unchecked if you want
|
||||||
|
to set a passphrase.
|
||||||
|
|
||||||
When generating a key pair, you can specify the usage for the first subkey,
|
4. **Select Key Usage**:
|
||||||
which is the primary key. There are four options:
|
|
||||||
|
|
||||||
![usages](https://image.cdn.bktus.com/i/2023/11/16/f9bae59d-9181-2cb8-53a6-b51c0698c613.webp)
|
- Specify the usage for the subkey. Options include:
|
||||||
|
- **Encryption**: For encrypting data.
|
||||||
|
- **Signing**: For creating digital signatures.
|
||||||
|
- **Authentication**: For authentication purposes, such as SSH keys.
|
||||||
|
- Note that the certification usage is not available for subkeys.
|
||||||
|
|
||||||
- Encryption: Once generated, this key can be used for encryption purposes.
|
5. **Generate the Subkey**:
|
||||||
|
- After filling in all the necessary information and selecting the desired
|
||||||
|
options, click the "OK" button to generate your subkey.
|
||||||
|
|
||||||
- Signing: Once generated, this key can be used for signature purposes.
|
By following these steps, you can generate a subkey using GpgFrontend, which
|
||||||
|
enhances the functionality of your primary key pair for various cryptographic
|
||||||
|
operations.
|
||||||
|
|
||||||
- Certification: This key can be used to certify or verify other keys. Only the
|
## Extra Note
|
||||||
primary key can have this usage.
|
|
||||||
|
|
||||||
- Authentication: This key can be used for authentication purposes, such as with
|
|
||||||
SSH keys.
|
|
||||||
|
|
||||||
The third of these four uses (authentication purposes) can only be owned by the
|
|
||||||
primary key. In addition, some usages are not available when using certain
|
|
||||||
algorithms for encryption. For example, when the DSA algorithm is selected, the
|
|
||||||
encryption uses are disabled.
|
|
||||||
|
|
||||||
## Generate Subkey
|
|
||||||
|
|
||||||
It is possible to append subkeys to an existing key pair. The subkey does not
|
|
||||||
require the input of a name, email, or comment, as the remaining steps are
|
|
||||||
essentially identical to those for generating a key pair.
|
|
||||||
|
|
||||||
![Generate Subkey](https://image.cdn.bktus.com/i/2023/11/16/4871ee77-5da5-5473-a2be-2d9c29d6b842.gif)
|
|
||||||
|
|
||||||
### Extra note
|
|
||||||
|
|
||||||
Below are some guidelines that may prove useful in comprehending the
|
Below are some guidelines that may prove useful in comprehending the
|
||||||
aforementioned concepts and utilizing this tool accurately.
|
aforementioned concepts and utilizing this tool accurately.
|
||||||
@ -168,8 +153,8 @@ but also provides flexibility in key usage and management.
|
|||||||
|
|
||||||
- **Secure Storage**: The primary key should be stored in a highly secure
|
- **Secure Storage**: The primary key should be stored in a highly secure
|
||||||
location, preferably offline or in a hardware security module (HSM), to
|
location, preferably offline or in a hardware security module (HSM), to
|
||||||
prevent unauthorized access. This is because the loss or compromise of the
|
prevent unauthorized access. The loss or compromise of the primary key
|
||||||
primary key jeopardizes the entire cryptographic framework.
|
jeopardizes the entire cryptographic framework.
|
||||||
|
|
||||||
- **Key Generation and Maintenance**: While tools like GpgFrontend provide
|
- **Key Generation and Maintenance**: While tools like GpgFrontend provide
|
||||||
user-friendly interfaces for managing keys, they may lack support for advanced
|
user-friendly interfaces for managing keys, they may lack support for advanced
|
||||||
@ -205,3 +190,52 @@ maintaining the integrity and security of cryptographic operations. By adhering
|
|||||||
to best practices for key usage, storage, and renewal, users can safeguard their
|
to best practices for key usage, storage, and renewal, users can safeguard their
|
||||||
digital identities and ensure the confidentiality and authenticity of their
|
digital identities and ensure the confidentiality and authenticity of their
|
||||||
communications.
|
communications.
|
||||||
|
|
||||||
|
#### Additional Note on Subkey Algorithm Types
|
||||||
|
|
||||||
|
Subkeys in GpgFrontend offer more algorithm types than primary keys due to their
|
||||||
|
specialized roles. While primary keys focus on establishing identity and trust,
|
||||||
|
subkeys are often dedicated to specific tasks like encryption or authentication.
|
||||||
|
This task-specific design allows subkeys to utilize a broader range of
|
||||||
|
algorithms, enhancing their flexibility and functionality. For instance, while
|
||||||
|
primary keys may be restricted to certain secure algorithms for signing, subkeys
|
||||||
|
can employ diverse algorithms optimized for encryption, like ECDH, ensuring
|
||||||
|
efficient and secure operations tailored to the user's needs.
|
||||||
|
|
||||||
|
**Primary Key Supported Algorithms:**
|
||||||
|
|
||||||
|
- RSA
|
||||||
|
- DSA
|
||||||
|
- ECDSA
|
||||||
|
|
||||||
|
**Subkey Supported Algorithms:**
|
||||||
|
|
||||||
|
- RSA
|
||||||
|
- DSA
|
||||||
|
- ECDSA
|
||||||
|
- ECDH
|
||||||
|
- ECDH NIST P-256
|
||||||
|
- ECDH NIST P-384
|
||||||
|
- ECDH NIST P-521
|
||||||
|
- ECDH BrainPool P-256
|
||||||
|
- ECDH BrainPool P-384
|
||||||
|
- ECDH BrainPool P-512
|
||||||
|
|
||||||
|
**Explanation:**
|
||||||
|
|
||||||
|
The broader range of algorithms available for subkeys arises because subkeys are
|
||||||
|
designed for specific functions and can therefore leverage specialized
|
||||||
|
algorithms optimized for those functions. For example, ECDH (Elliptic Curve
|
||||||
|
Diffie-Hellman) is highly efficient for encryption tasks and is commonly used
|
||||||
|
for subkeys dedicated to encryption. This flexibility in algorithm choice
|
||||||
|
ensures that cryptographic operations can be optimized for both performance and
|
||||||
|
security based on the specific use case.
|
||||||
|
|
||||||
|
Primary keys, however, are central to the user's cryptographic identity and are
|
||||||
|
primarily used for signing and certifying subkeys. This critical role
|
||||||
|
necessitates the use of well-established and highly secure algorithms to ensure
|
||||||
|
the integrity and trustworthiness of the entire cryptographic system.
|
||||||
|
|
||||||
|
By differentiating the algorithms and roles of primary keys and subkeys,
|
||||||
|
GpgFrontend enhances both security and operational efficiency, allowing users to
|
||||||
|
maintain a robust and flexible cryptographic setup.
|
||||||
|
@ -49,55 +49,115 @@ a user-friendly manner. By accommodating binary file operations, it ensures that
|
|||||||
digital signatures are accessible and applicable across a broad spectrum of file
|
digital signatures are accessible and applicable across a broad spectrum of file
|
||||||
types, reinforcing the pillars of trust and security in digital communications.
|
types, reinforcing the pillars of trust and security in digital communications.
|
||||||
|
|
||||||
## Introduction to File Extensions
|
## Sign & Verify File
|
||||||
|
|
||||||
For ASCII-formatted ciphertext, the filename suffix is usually "asc", and these
|
GpgFrontend extends its utility from handling text-based operations to
|
||||||
files can be opened directly with a text editor. However, if the ciphertext is
|
facilitating file operations with ease and security. The principle behind
|
||||||
binary, its file extension will be "sig" or "gpg". Typically, binary ciphertext
|
signing and verifying files mirrors that of text, leveraging the robust
|
||||||
files are smaller than ASCII-formatted ones.
|
framework of digital signatures. However, a significant distinction lies in the
|
||||||
|
nature of the input and output for file operations, which can be binary,
|
||||||
|
accommodating a wider range of file types beyond simple text documents.
|
||||||
|
|
||||||
Prior to v2.0.4, the ciphertext files generated by GpgFrontend were all in ASCII
|
## Using File Browser for Signing and Verifying
|
||||||
format. But starting with v2.0.4, GpgFrontend defaults to generating
|
|
||||||
binary-formatted ciphertext files. You can modify this setting in the settings.
|
|
||||||
|
|
||||||
![image-20220112073548736](https://image.cdn.bktus.com/i/2023/11/16/980bff72-7271-b639-e63b-ff1d274edc95.webp)
|
After clicking the **File Browser** button, a system directory selection dialog
|
||||||
|
will appear. Follow these steps to perform signing and verifying operations:
|
||||||
|
|
||||||
## File Browser
|
1. **Open File Browser**:
|
||||||
|
|
||||||
You can open the file browser (Ctrl/Command + B) via the top menu file option.
|
- Click the **File Browser** button in the toolbar at the top of the
|
||||||
After selecting a target directory at system navigator, you can get a new File
|
interface. This will open a system dialog allowing you to choose a
|
||||||
browser tab. Using the file browser, navigate to your working directory. Then,
|
directory.
|
||||||
right-click the file you wish to operate on, and select the desired operation
|
|
||||||
from the pop-up menu.
|
|
||||||
|
|
||||||
![File Browser](https://image.cdn.bktus.com/i/2023/11/16/6a137a63-ae76-d45c-b425-5c3e5961aa2d.webp)
|
2. **Select Directory**:
|
||||||
|
|
||||||
Two control buttons are located at the top of the file tab. The one on the left
|
- In the system dialog, navigate to the desired directory and select it. Once
|
||||||
allows you to go up a level, and the one on the right enables you to enter or
|
selected, a new tab named "File Browser" will open in GpgFrontend,
|
||||||
refresh the corresponding path in the input box on the left.
|
displaying the contents of the chosen directory.
|
||||||
|
|
||||||
On the far right is a button offering useful options, such as displaying system
|
3. **Select a File**:
|
||||||
files or hidden files.
|
|
||||||
|
|
||||||
![File Browser 2](https://image.cdn.bktus.com/i/2023/11/16/1cc208dc-75f7-6e1f-f802-149ed18095af.webp)
|
- In the File Browser tab, you will see a list of files and folders within
|
||||||
|
the selected directory. Click on the file you want to sign or verify.
|
||||||
|
|
||||||
### Sign
|
4. **Sign the File**:
|
||||||
|
|
||||||
Through the right-click menu, you can rapidly sign a file. This operation will
|
- To sign a file, first select the file in the File Browser. Then, in the
|
||||||
generate a file with a "sig" or "asc" suffix, which contains the signature
|
**Key Toolbox** on the right, select your private key by checking the box
|
||||||
content. In this scenario, you need to pass both this file and the original file
|
next to your key. Finally, click the **Sign** button in the toolbar at the
|
||||||
to the other party to allow them to verify it.
|
top.
|
||||||
|
|
||||||
![Sign File](https://image.cdn.bktus.com/i/2023/11/16/ae18811f-12f8-4059-e46f-831929e59414.gif)
|
5. **Verify the File**:
|
||||||
|
|
||||||
### Verify
|
- To verify a file, select the signed file in the File Browser. Ensure you
|
||||||
|
have the corresponding public key in your keyring. Click the **Verify**
|
||||||
|
button in the toolbar. If the correct key is available, the file's
|
||||||
|
signature will be verified.
|
||||||
|
|
||||||
This operation requires you to select a file with a "gpg" suffix (this may be
|
![File Operations](https://image.cdn.bktus.com/i/2024/06/15/e157e4ff-ddaa-3a24-1a6f-a3fb80a55661.webp)
|
||||||
invalid for binary file ciphertext) or a file with a "sig" suffix for
|
|
||||||
verification.
|
|
||||||
|
|
||||||
When selecting a file with the "sig" suffix, ensure that the source file is also
|
By following these steps, you can easily manage file signing and verifying using
|
||||||
present in this directory. This implies that the source file's name is simply
|
the GpgFrontend's File Browser feature. This streamlined process allows you to
|
||||||
missing a "sig" suffix.
|
handle your cryptographic needs directly from the file system interface.
|
||||||
|
|
||||||
![Verify File](https://image.cdn.bktus.com/i/2023/11/16/dbb4d69c-d1a8-d5dc-6422-1cf300bea533.gif)
|
## File Extension Requirements
|
||||||
|
|
||||||
|
GpgFrontend supports different file extensions for various cryptographic
|
||||||
|
operations. Understanding these extensions helps in properly managing signed
|
||||||
|
files. Here’s a breakdown of the file extensions used:
|
||||||
|
|
||||||
|
#### ASCII Format
|
||||||
|
|
||||||
|
- **.asc**: Files with the ".asc" extension are in ASCII format. These files
|
||||||
|
contain ASCII-armored signatures, which are a text representation of the
|
||||||
|
signed data. ASCII format is typically used for easy sharing via email or text
|
||||||
|
editors, as it ensures compatibility with text-based applications.
|
||||||
|
|
||||||
|
#### Binary Format
|
||||||
|
|
||||||
|
- **.sig**: Files with the ".sig" extension are in binary format. Binary
|
||||||
|
signature files are more compact than their ASCII counterparts and are
|
||||||
|
generally used for more efficient storage and transmission. They cannot be
|
||||||
|
viewed directly in text editors, as the content is in a binary format.
|
||||||
|
- **.gpg**: Files with the ".gpg" extension are also used for binary signatures.
|
||||||
|
These files are used when both encryption and signing are performed together,
|
||||||
|
containing both the encrypted content and the signature.
|
||||||
|
|
||||||
|
To perform verification operations, you need to use files with either the
|
||||||
|
".sig", ".gpg", or ".asc" extension. These files contain the necessary signature
|
||||||
|
content required for these operations.
|
||||||
|
|
||||||
|
By adhering to these file extension requirements, you can ensure that your
|
||||||
|
signed files are correctly recognized and processed by GpgFrontend.
|
||||||
|
|
||||||
|
### Default Output Mode
|
||||||
|
|
||||||
|
Before version 2.0.4, GpgFrontend generated signature files exclusively in ASCII
|
||||||
|
format. However, beginning with version 2.0.4, GpgFrontend now generates
|
||||||
|
signature files in binary format by default. This setting can be adjusted in the
|
||||||
|
program's settings.
|
||||||
|
|
||||||
|
### Changing Output Mode
|
||||||
|
|
||||||
|
To change the output mode between ASCII and binary formats, follow these steps:
|
||||||
|
|
||||||
|
1. **Open Settings**:
|
||||||
|
|
||||||
|
- Navigate to the GnuPG Controller settings within GpgFrontend. This can be
|
||||||
|
done by accessing the settings menu from the main interface.
|
||||||
|
|
||||||
|
2. **Locate Binary Mode Option**:
|
||||||
|
|
||||||
|
- In the settings interface, under the "General" section, locate the option
|
||||||
|
labeled "Use Binary Mode for File Operations".
|
||||||
|
|
||||||
|
3. **Toggle Binary Mode**:
|
||||||
|
- Check or uncheck this option to switch between binary (sig/gpg) and ASCII
|
||||||
|
(asc) output formats. Checking the box will enable binary mode, while
|
||||||
|
unchecking it will revert to ASCII format.
|
||||||
|
|
||||||
|
By following these steps, you can customize how GpgFrontend handles the format
|
||||||
|
of signature files according to your preference or needs.
|
||||||
|
|
||||||
|
![Locate Binary Mode
|
||||||
|
Option](https://image.cdn.bktus.com/i/2024/06/15/1a82922d-4a68-d315-f388-5571a4d93e8f.webp)
|
||||||
|
@ -55,10 +55,87 @@ encryption with GpgFrontend is a testament to the versatility of cryptographic
|
|||||||
practices, catering to a wide range of security needs with user-friendly
|
practices, catering to a wide range of security needs with user-friendly
|
||||||
solutions.
|
solutions.
|
||||||
|
|
||||||
## How to use it?
|
## How to Perform Symmetric Encryption
|
||||||
|
|
||||||
Symmetric encryption is initiated when you click the 'Encrypt' button without
|
Performing symmetric encryption with GpgFrontend is a straightforward process.
|
||||||
selecting any key in the Key Toolbox. For this type of encryption, a password
|
Follow these steps to encrypt your data using a password:
|
||||||
must be established for the encryption process. Subsequently, to decrypt the
|
|
||||||
data, you will need to provide the same password that was used during the
|
1. **Prepare Your Data**:
|
||||||
encryption phase.
|
|
||||||
|
- Start by opening GpgFrontend and entering the text you want to encrypt in
|
||||||
|
the text editor area. You can create a new tab through the "New" option if
|
||||||
|
needed.
|
||||||
|
|
||||||
|
2. **Initiate Encryption**:
|
||||||
|
|
||||||
|
- Click the 'Encrypt' button in the Operations Bar at the top of the
|
||||||
|
interface. This button is represented by a padlock icon with the label
|
||||||
|
"Encrypt".
|
||||||
|
|
||||||
|
3. **No Key Selected**:
|
||||||
|
|
||||||
|
- If no key is selected in the Key Toolbox, a prompt will appear asking if
|
||||||
|
you want to encrypt with a symmetric cipher using a passphrase. Click "OK"
|
||||||
|
to proceed.
|
||||||
|
|
||||||
|
4. **Set a Password**:
|
||||||
|
|
||||||
|
- Enter a strong, unique password in the prompt that appears. This password
|
||||||
|
will be used to encrypt your data. Ensure that the password is complex and
|
||||||
|
secure, as it will be required to decrypt the data later.
|
||||||
|
|
||||||
|
5. **Encryption Process**:
|
||||||
|
|
||||||
|
- GpgFrontend will use the provided password to encrypt your data,
|
||||||
|
transforming the plaintext into ciphertext. The resulting encrypted message
|
||||||
|
will be displayed in the text editor area.
|
||||||
|
|
||||||
|
6. **Save or Share Encrypted Data**:
|
||||||
|
- You can now save the encrypted message to a file or share it with others.
|
||||||
|
Remember, the recipient will need the exact password used during encryption
|
||||||
|
to decrypt the data.
|
||||||
|
|
||||||
|
By following these steps, you can easily encrypt your data using symmetric
|
||||||
|
encryption in GpgFrontend. This method is ideal for scenarios where you need to
|
||||||
|
secure data with a password without managing public and private keys.
|
||||||
|
|
||||||
|
![Symmetric Encryption](https://image.cdn.bktus.com/i/2024/06/15/e81042ca-40e4-0ce4-5a44-111a89acb5d1.webp)
|
||||||
|
|
||||||
|
## How to Decrypt Symmetric Encryption?
|
||||||
|
|
||||||
|
Decrypting symmetrically encrypted data with GpgFrontend is straightforward and
|
||||||
|
similar to decrypting data encrypted with asymmetric encryption. Follow these
|
||||||
|
steps:
|
||||||
|
|
||||||
|
1. **Copy the Ciphertext**:
|
||||||
|
|
||||||
|
- First, ensure that you have the ciphertext (the encrypted message) copied
|
||||||
|
to your clipboard. The ciphertext should be in the format typically
|
||||||
|
generated by GnuPG, enclosed in `-----BEGIN PGP MESSAGE-----` and `-----END
|
||||||
|
PGP MESSAGE-----` tags.
|
||||||
|
|
||||||
|
2. **Paste the Ciphertext into the Text Editor**:
|
||||||
|
|
||||||
|
- Open GpgFrontend and paste the ciphertext into the text editor area. You
|
||||||
|
can do this by creating a new tab through the "New" option if needed.
|
||||||
|
|
||||||
|
3. **Click the Decrypt Button**:
|
||||||
|
|
||||||
|
- Click the 'Decrypt' button in the Operations Bar at the top of the
|
||||||
|
interface. This button is represented by a key icon with the label
|
||||||
|
"Decrypt".
|
||||||
|
|
||||||
|
4. **Enter the Password**:
|
||||||
|
|
||||||
|
- A prompt will appear asking for the password that was used to encrypt the
|
||||||
|
data. Enter the correct password and confirm.
|
||||||
|
|
||||||
|
5. **Decryption Process**:
|
||||||
|
- GpgFrontend will use GnuPG to recognize the type of encryption used and the
|
||||||
|
corresponding key. If the password is correct, the software will decrypt
|
||||||
|
the ciphertext and display the readable plaintext in the text editor area.
|
||||||
|
|
||||||
|
By following these steps, you can efficiently decrypt any symmetrically
|
||||||
|
encrypted data using GpgFrontend. The software's ability to automatically
|
||||||
|
recognize the encryption type and key ensures a seamless decryption process,
|
||||||
|
making it easy to access your encrypted information securely.
|
||||||
|
@ -9,39 +9,46 @@ of the page. The exploration that follows will gradually unveil additional
|
|||||||
functionalities. Bear in mind that interfaces may vary across different
|
functionalities. Bear in mind that interfaces may vary across different
|
||||||
versions.
|
versions.
|
||||||
|
|
||||||
![Interface](https://image.cdn.bktus.com/i/2023/11/16/27c0bd12-8a1d-b9ae-2ecd-dbde5f96e36f.webp)
|
![Interface](https://image.cdn.bktus.com/i/2024/06/15/baf33505-c34f-12c7-d897-a60fc9b5b600.webp)
|
||||||
|
|
||||||
## Text Editor
|
## Text Editor
|
||||||
|
|
||||||
The text editing zone allows you the liberty to input any desired text or
|
The text editing zone allows you the liberty to input any desired text or
|
||||||
establish a new tab through the "New" choice in the file menu at the top. Moving
|
establish a new tab through the "New" option in the file menu at the top. Moving
|
||||||
or closing tabs can be done with ease as per your needs.
|
or closing tabs can be done with ease as per your needs.
|
||||||
|
|
||||||
Numerous operations can be performed on your text using options available in the
|
Numerous operations can be performed on your text using options available in the
|
||||||
Operations Bar. Alternatively, you may utilize standard shortcuts like
|
Operations Bar at the top of the interface. You can encrypt, decrypt, sign, and
|
||||||
Ctrl+C/V/S for copy, paste, and save operations, or even searching within the
|
verify text directly from this menu. Additionally, standard shortcuts like
|
||||||
text.
|
Ctrl+C, Ctrl+V, and Ctrl+S for copy, paste, and save operations, or searching
|
||||||
|
within the text using Ctrl+F, are supported.
|
||||||
|
|
||||||
The edited text within the text box is encoded in UTF8 without any formatting.
|
The edited text within the text box is encoded in UTF-8 without any formatting.
|
||||||
This plain text format ensures that no message alteration leads to confusion.
|
This plain text format ensures that no message alteration leads to confusion.
|
||||||
While we have plans to introduce rich text editing in the future, the specifics
|
While there are plans to introduce rich text editing in the future, the
|
||||||
are still being deliberated.
|
specifics are still being deliberated.
|
||||||
|
|
||||||
### Large Text File Support
|
### Large Text File Support
|
||||||
|
|
||||||
GpgFrontend accommodates opening larger files without hindrance. However, when
|
GpgFrontend accommodates opening larger files without hindrance, with the
|
||||||
dealing with relatively large files, editing of the tab won't be feasible until
|
current limit set to 1MB per file. When dealing with relatively large files,
|
||||||
the entire file is loaded. During this time, despite not being able to edit the
|
editing of the tab won't be feasible until the entire file is loaded. During
|
||||||
file, you still have the capability to view it.
|
this time, despite not being able to edit the file, you still have the
|
||||||
|
capability to view it.
|
||||||
|
|
||||||
|
It is important to note that opening files larger than 1MB is not supported, as
|
||||||
|
excessively long text files can cause significant performance issues with the
|
||||||
|
graphical user interface (GUI). This limitation helps maintain the application's
|
||||||
|
responsiveness and ensures a smooth user experience.
|
||||||
|
|
||||||
## Information Board
|
## Information Board
|
||||||
|
|
||||||
GpgFrontend presents the outcome of the current tab page operation on the
|
GpgFrontend presents the outcome of the current tab page operation on the
|
||||||
Information Board, signifying the success or failure of the operation.
|
Information Board, signifying the success or failure of the operation. The
|
||||||
Additionally, the Information Board's text includes supplementary details to
|
Information Board's text includes supplementary details to assist in
|
||||||
assist in understanding the particulars of your encryption, decryption,
|
understanding the particulars of your encryption, decryption, signature, and
|
||||||
signature, and other operations. Depending on your language settings, the output
|
other operations. Depending on your language settings, the output displayed on
|
||||||
displayed on the dashboard may differ.
|
the dashboard may differ.
|
||||||
|
|
||||||
The Information Board was conceived to provide a comprehensive view of more
|
The Information Board was conceived to provide a comprehensive view of more
|
||||||
information within the same space. However, GpgFrontend plans to incorporate a
|
information within the same space. However, GpgFrontend plans to incorporate a
|
||||||
@ -68,56 +75,48 @@ font size is 10, and it can be modified to any value ranging from 9 to 18.
|
|||||||
|
|
||||||
### Dashboard Actions Menu
|
### Dashboard Actions Menu
|
||||||
|
|
||||||
The dashboard actions menu facilitates quick and easy access to common
|
The dashboard actions menu, located below the Information Board, provides quick
|
||||||
functionalities related to the content of the information board. It empowers
|
and easy access to essential functions related to the content displayed. It
|
||||||
users to efficiently manage and process large chunks of content on the
|
empowers users to efficiently manage and process large chunks of information for
|
||||||
Information Board for various purposes.
|
various purposes.
|
||||||
|
|
||||||
#### Copy
|
#### Copy
|
||||||
|
|
||||||
This function allows users to swiftly capture significant portions of content
|
This function allows users to swiftly capture significant portions of content
|
||||||
from the Information Board for other applications.
|
from the Information Board for use in other applications. Simply select the
|
||||||
|
content you need and use this button to copy it to the clipboard.
|
||||||
|
|
||||||
#### Save File
|
#### Save File
|
||||||
|
|
||||||
This operation archives the contents of the information board into the file
|
This operation archives the contents of the Information Board into the file
|
||||||
system, utilizing the UTF-8 format. Although the resultant output file lacks a
|
system in UTF-8 format. Although the resultant output file does not have a
|
||||||
suffix, it is essentially in a plain text format.
|
suffix, it is essentially plain text and can be opened with any text editor.
|
||||||
|
|
||||||
#### Clear
|
#### Clear
|
||||||
|
|
||||||
This command promptly purges all content from the information board. The
|
This command promptly purges all content from the Information Board, including
|
||||||
clearance includes both the contents and statuses of the information board. A
|
both the displayed contents and statuses. Any new operation, such as encryption
|
||||||
new operation (such as encryption) will automatically trigger this clearing
|
or decryption, will automatically trigger this clearing process, ensuring that
|
||||||
process.
|
the Information Board always displays the most current and relevant information.
|
||||||
|
|
||||||
### Optional Actions Menu
|
## Key Toolbox
|
||||||
|
|
||||||
In addition to the Information Board, an Optional Actions Menu will be presented
|
The Key Toolbox on the right side of the interface lists all available keys,
|
||||||
below it. If any auxiliary operations can be performed post your main operation
|
including public and private keys. The columns provide details such as key type,
|
||||||
(such as displaying more detailed information, sending encrypted text via email,
|
name, and email address. You can select keys from this list to perform various
|
||||||
etc.), the access points for these supplementary tasks will be made available
|
operations such as encryption, decryption, signing, and verification.
|
||||||
here.
|
|
||||||
|
|
||||||
## Key ToolBox
|
|
||||||
|
|
||||||
This feature presents a comprehensive list of key pairs stored on your device,
|
|
||||||
intended for use with Gpg operations. The keys within the ToolBox are classified
|
|
||||||
into multiple categories, each corresponding to a unique usage context.
|
|
||||||
Additionally, the ToolBox provides access to a variety of common operations, all
|
|
||||||
of which can be found in the Key List Menu.
|
|
||||||
|
|
||||||
### Usage
|
### Usage
|
||||||
|
|
||||||
Most Gpg-related operations require specifying a key pair (for tasks like
|
Most Gpg-related operations require specifying a key pair (for tasks like
|
||||||
encryption, decryption, signature, etc.). You can select the checkbox in the
|
encryption, decryption, signature, etc.). You can select the checkbox in the
|
||||||
first column of the Key ToolBox's table to designate one or more keys for your
|
first column of the Key Toolbox's table to designate one or more keys for your
|
||||||
operation. Categories that contain only public keys are frequently utilized in
|
operation. Categories that contain only public keys are frequently utilized in
|
||||||
cryptographic scenarios.
|
cryptographic scenarios.
|
||||||
|
|
||||||
### Classification
|
### Classification
|
||||||
|
|
||||||
The ToolBox showcases categories via tabbed display. None of these categories
|
The Toolbox showcases categories via tabbed display. None of these categories
|
||||||
include any expired or revoked keys. To view such keys, you should refer to the
|
include any expired or revoked keys. To view such keys, you should refer to the
|
||||||
Key Manager. The default category comprises all private and public keys. During
|
Key Manager. The default category comprises all private and public keys. During
|
||||||
any operation, only the keys from the currently selected category will be
|
any operation, only the keys from the currently selected category will be
|
||||||
@ -165,13 +164,23 @@ step.
|
|||||||
|
|
||||||
## Operations Bar
|
## Operations Bar
|
||||||
|
|
||||||
Here, you can execute corresponding operations by clicking on the buttons
|
The Operations Bar at the top includes the following functions:
|
||||||
provided. For instance, after inputting text into a text editor and specifying
|
|
||||||
the desired key in the key toolbox, you can click the encryption button to
|
|
||||||
perform the operation.
|
|
||||||
|
|
||||||
Some operations require key specification, while others do not, as will be
|
1. New: Create a new text file tab.
|
||||||
detailed in the respective sections of this document.
|
2. Open: Open an existing text file.
|
||||||
|
3. File Browser: Browse and select files from your system.
|
||||||
|
4. Encrypt: Encrypt the text or file.
|
||||||
|
5. Encrypt Sign: Encrypt and sign the text or file.
|
||||||
|
6. Decrypt: Decrypt the text or file.
|
||||||
|
7. Decrypt Verify: Decrypt and verify the text or file.
|
||||||
|
8. Sign: Sign the text or file.
|
||||||
|
9. Verify: Verify the signature of the text or file.
|
||||||
|
10. Manage Keys: Open the key management interface.
|
||||||
|
11. Import Key: Import a new key through some approaches.
|
||||||
|
|
||||||
|
This interface provides a comprehensive suite of tools for managing and
|
||||||
|
utilizing your cryptographic keys and performing various encryption-related
|
||||||
|
operations with ease.
|
||||||
|
|
||||||
### Customization
|
### Customization
|
||||||
|
|
||||||
|
@ -10,18 +10,13 @@ key toolbox or key management interface and selecting "Show key details".
|
|||||||
This section may include a brief introduction to gpg-related concepts and could
|
This section may include a brief introduction to gpg-related concepts and could
|
||||||
be relatively long.
|
be relatively long.
|
||||||
|
|
||||||
Below is a screenshot of a friend's public key that I obtained from the key
|
Here is a randomly generated private key. The most significant difference
|
||||||
server.
|
|
||||||
|
|
||||||
![View Key Pair Details](https://image.cdn.bktus.com/i/2023/11/16/8d50f6db-909d-0840-e991-fec3f4263709.webp)
|
|
||||||
|
|
||||||
And here is a randomly generated private key. The most significant difference
|
|
||||||
between this and the previous key is that the key pair with only the public key
|
between this and the previous key is that the key pair with only the public key
|
||||||
is used for encryption only, but if you possess the private key, you can perform
|
is used for encryption only, but if you possess the private key, you can perform
|
||||||
more actions (it also depends on your algorithm; DSA can only be used for
|
more actions (it also depends on your algorithm; DSA can only be used for
|
||||||
signatures).
|
signatures).
|
||||||
|
|
||||||
![View Key Pair Details 1](https://image.cdn.bktus.com/i/2023/11/16/d65e11fe-920f-50b5-640d-2f24c4d4fc58.webp)
|
![View Key Pair Details 1](https://image.cdn.bktus.com/i/2024/06/15/9f5b0089-923f-33e1-d2cd-f7690ec2d050.webp)
|
||||||
|
|
||||||
## General Info
|
## General Info
|
||||||
|
|
||||||
@ -37,7 +32,7 @@ set it as the primary UID to change it.
|
|||||||
According to the OpenPGP protocol, this part is divided into Name, Email, and
|
According to the OpenPGP protocol, this part is divided into Name, Email, and
|
||||||
Comment.
|
Comment.
|
||||||
|
|
||||||
![View Key Pair Details Owner](https://image.cdn.bktus.com/i/2023/11/16/a6460514-4dd8-29be-5d04-31a72474b1fa.webp)
|
![View Key Pair Details Owner](https://image.cdn.bktus.com/i/2024/06/15/30066ecc-ec79-ee27-a3ed-5faad0e6934f.webp)
|
||||||
|
|
||||||
### Primary Key
|
### Primary Key
|
||||||
|
|
||||||
@ -53,7 +48,7 @@ not exist, but this doesn't mean that neither the public key nor the private key
|
|||||||
exists. Please remember: Each subkey and primary key consist of a pair of public
|
exists. Please remember: Each subkey and primary key consist of a pair of public
|
||||||
and private keys.
|
and private keys.
|
||||||
|
|
||||||
![View Key Pair Details Primary Key](https://image.cdn.bktus.com/i/2023/11/16/aacb259b-44db-79d2-1899-3da8675ac36c.webp)
|
![View Key Pair Details Primary Key](https://image.cdn.bktus.com/i/2024/06/15/8cd3691e-70dc-1239-5f80-9a89f1d342ba.webp)
|
||||||
|
|
||||||
#### Key ID
|
#### Key ID
|
||||||
|
|
||||||
@ -67,8 +62,20 @@ is shorter and more user-friendly.
|
|||||||
This refers to the algorithm used for key generation. This also pertains to the
|
This refers to the algorithm used for key generation. This also pertains to the
|
||||||
generation algorithm of the primary key. The generation algorithm determines the
|
generation algorithm of the primary key. The generation algorithm determines the
|
||||||
properties and capabilities of the key. Algorithms such as RSA can be used for
|
properties and capabilities of the key. Algorithms such as RSA can be used for
|
||||||
encryption and signature, but DSA can only be used for signature. However, the
|
both encryption and signatures, whereas DSA can only be used for signatures.
|
||||||
DSA key length can be shorter.
|
More modern algorithms like ECDH (Elliptic-curve Diffie-Hellman) are used for
|
||||||
|
secure key exchange, and ECDSA (Elliptic Curve Digital Signature Algorithm) is
|
||||||
|
employed for digital signatures. These elliptic curve algorithms offer enhanced
|
||||||
|
security with shorter key lengths compared to traditional algorithms.
|
||||||
|
|
||||||
|
### Algorithm Detail
|
||||||
|
|
||||||
|
Algorithm Detail displays both the key type and the key length. In some cases,
|
||||||
|
the key algorithm shown here is more precise. For example, it can specify
|
||||||
|
particular algorithms such as ED25519 or NISTP256, providing detailed
|
||||||
|
information about the specific cryptographic methods employed.
|
||||||
|
|
||||||
|
![Algorithm Detail](https://image.cdn.bktus.com/i/2024/06/15/1e2fba1d-5d5a-738c-a51f-6a3732f6e296.webp)
|
||||||
|
|
||||||
#### Key Size
|
#### Key Size
|
||||||
|
|
||||||
@ -118,7 +125,7 @@ other key pairs.
|
|||||||
|
|
||||||
### Fingerprint
|
### Fingerprint
|
||||||
|
|
||||||
![View Key Pair Details Fingerprint](https://image.cdn.bktus.com/i/2023/11/16/7f2bc76d-12e2-57c1-21fc-4e98f9b9a750.webp)
|
![View Key Pair Details Fingerprint](https://image.cdn.bktus.com/i/2024/06/15/e3250448-a947-a583-eea9-464847e9da32.webp)
|
||||||
|
|
||||||
The fingerprint of the key pair is used for humans to quickly compare whether
|
The fingerprint of the key pair is used for humans to quickly compare whether
|
||||||
the key pair is the expected key pair. This field is unique for all keys in the
|
the key pair is the expected key pair. This field is unique for all keys in the
|
||||||
@ -135,7 +142,7 @@ pair is what they expected. However, for accurate identification, fingerprints
|
|||||||
or key IDs should be compared. A key can have multiple UIDs, but a key pair can
|
or key IDs should be compared. A key can have multiple UIDs, but a key pair can
|
||||||
only have one primary UID, which is always listed first in the interface.
|
only have one primary UID, which is always listed first in the interface.
|
||||||
|
|
||||||
![View Key Pair Details UID](https://image.cdn.bktus.com/i/2023/11/16/de721eb6-3761-1912-8d99-dd0224a2a5e2.webp)
|
![View Key Pair Details UID](https://image.cdn.bktus.com/i/2024/06/15/b502d2b6-db02-7d52-f82f-8e4c2e056276.webp)
|
||||||
|
|
||||||
UID has three elements: Name, Email, Comment. The name should be at least five
|
UID has three elements: Name, Email, Comment. The name should be at least five
|
||||||
characters long, and the email should conform to the format. The rules for
|
characters long, and the email should conform to the format. The rules for
|
||||||
@ -151,10 +158,18 @@ keyring with their signature to the keyserver. If many people do the same, the
|
|||||||
public key on the keyserver will have numerous signatures, making it
|
public key on the keyserver will have numerous signatures, making it
|
||||||
trustworthy.
|
trustworthy.
|
||||||
|
|
||||||
|
![Signatures of UID](https://image.cdn.bktus.com/i/2024/06/15/81d4f9bd-5c4e-ad22-25dc-f5a4a0c3d9af.webp)
|
||||||
|
|
||||||
You can also use the primary key of another key pair to sign a UID. Generally, a
|
You can also use the primary key of another key pair to sign a UID. Generally, a
|
||||||
primary UID of a key pair with many valid signatures is considered more
|
primary UID of a key pair with many valid signatures is considered more
|
||||||
trustworthy.
|
trustworthy.
|
||||||
|
|
||||||
|
As shown in the image, some signatures do not have the signer's UID identified.
|
||||||
|
If you need to identify these signatures, you can try importing the
|
||||||
|
corresponding key from other sources, such as key servers. The Key ID is already
|
||||||
|
provided, which can help you locate and import the necessary keys to recognize
|
||||||
|
the signer's UID.
|
||||||
|
|
||||||
## Subkey Info
|
## Subkey Info
|
||||||
|
|
||||||
The sub-key mechanism is a crucial feature of GPG that improves both flexibility
|
The sub-key mechanism is a crucial feature of GPG that improves both flexibility
|
||||||
@ -174,6 +189,8 @@ points:
|
|||||||
- The disclosure of a subkey only affects that subkey, while the disclosure of
|
- The disclosure of a subkey only affects that subkey, while the disclosure of
|
||||||
the primary key endangers the entire key pair.
|
the primary key endangers the entire key pair.
|
||||||
|
|
||||||
|
![Subkeys Details](https://image.cdn.bktus.com/i/2024/06/15/49283a38-47ec-4ff3-5c84-8167a97ab68e.webp)
|
||||||
|
|
||||||
The primary key and all subkeys in the key pair are displayed on the interface.
|
The primary key and all subkeys in the key pair are displayed on the interface.
|
||||||
Some information about the key is also listed below.
|
Some information about the key is also listed below.
|
||||||
|
|
||||||
@ -188,12 +205,95 @@ and is irreversible.
|
|||||||
In this column, what you can do differs for a key pair that only has a public
|
In this column, what you can do differs for a key pair that only has a public
|
||||||
key and a key pair that includes a private key.
|
key and a key pair that includes a private key.
|
||||||
|
|
||||||
Here's what you can do with a public key-only key pair:
|
### Operations on a Public Key
|
||||||
|
|
||||||
![View Key Pair Details Operations](https://image.cdn.bktus.com/i/2023/11/16/13065e1e-61ff-5626-f571-7d8eddd79053.webp)
|
This interface provides various general operations that can be performed on the
|
||||||
|
selected public key. Below is an explanation of each button's function:
|
||||||
|
|
||||||
And here's what you can do with a key pair that includes a private key:
|
![View Key Pair Details Operations](https://image.cdn.bktus.com/i/2024/06/15/5748a38d-7804-2cca-ecff-bdbfc186290f.webp)
|
||||||
|
|
||||||
![View Key Pair Details Operations 1](https://image.cdn.bktus.com/i/2023/11/16/6534f339-0b6e-e3ab-0318-78c06c30ac07.webp)
|
1. **Export Public Key**:
|
||||||
|
|
||||||
These operations will be explained in detail throughout the documentation.
|
- **Function**: This button allows you to export the public key to a file.
|
||||||
|
Exporting a public key is useful when you need to share it with others or
|
||||||
|
upload it to a keyserver. The exported file can then be distributed or
|
||||||
|
backed up as needed.
|
||||||
|
|
||||||
|
2. **Key Server Operation (Pubkey)**:
|
||||||
|
|
||||||
|
- **Function**: This dropdown menu provides options for interacting with
|
||||||
|
keyservers. A keyserver is a repository where public keys are stored and
|
||||||
|
can be retrieved by others. The operations might include uploading your
|
||||||
|
public key to a keyserver, refreshing your public key with updates from the
|
||||||
|
keyserver, or searching for other public keys on the keyserver.
|
||||||
|
|
||||||
|
3. **Set Owner Trust Level**:
|
||||||
|
- **Function**: This button allows you to set the trust level for the owner
|
||||||
|
of the public key. Trust levels are part of the web of trust model used in
|
||||||
|
public key infrastructures. By setting the trust level, you indicate how
|
||||||
|
much you trust the key owner to correctly verify and sign other keys. This
|
||||||
|
affects how your system evaluates the validity of signatures made by the
|
||||||
|
key owner.
|
||||||
|
|
||||||
|
These operations facilitate the management and sharing of public keys, helping
|
||||||
|
to establish and maintain trust within a cryptographic system.
|
||||||
|
|
||||||
|
### Operations on a Private Key
|
||||||
|
|
||||||
|
This interface provides various general operations that can be performed on the
|
||||||
|
selected key pair, including both public and private key operations. Below is an
|
||||||
|
explanation of each button's function:
|
||||||
|
|
||||||
|
![View Key Pair Details Operations 1](https://image.cdn.bktus.com/i/2024/06/15/68cb4069-5db5-6057-c122-9b9dc2a862f1.webp)
|
||||||
|
|
||||||
|
1. **Export Public Key**:
|
||||||
|
|
||||||
|
- **Function**: This button allows you to export the public key to a file.
|
||||||
|
This is useful for sharing your public key with others or for uploading it
|
||||||
|
to a keyserver. The exported file can be distributed or backed up as
|
||||||
|
needed.
|
||||||
|
|
||||||
|
2. **Export Private Key**:
|
||||||
|
|
||||||
|
- **Function**: This button provides options for exporting the private key.
|
||||||
|
There are typically two modes for exporting:
|
||||||
|
- **Export Complete Private Key**: This exports the entire private key,
|
||||||
|
including all associated information. It is used when you need a full
|
||||||
|
backup or when transferring the key to another system.
|
||||||
|
- **Export Minimal Private Key**: This exports only the essential
|
||||||
|
components of the private key, minimizing the amount of data. This can be
|
||||||
|
useful for more secure key transfers or for environments with specific
|
||||||
|
security requirements.
|
||||||
|
|
||||||
|
3. **Modify Expiration Datetime (Primary Key)**:
|
||||||
|
|
||||||
|
- **Function**: This button allows you to modify the expiration date and time
|
||||||
|
of the primary key. This is important for managing the key's lifecycle and
|
||||||
|
ensuring that it remains valid for the desired period. Adjusting the
|
||||||
|
expiration date can help maintain security by ensuring keys are
|
||||||
|
periodically reviewed and updated.
|
||||||
|
|
||||||
|
4. **Modify Password**:
|
||||||
|
|
||||||
|
- **Function**: This button enables you to change the password that protects
|
||||||
|
the private key. Changing the password can enhance security, especially if
|
||||||
|
you suspect that the current password may have been compromised or if you
|
||||||
|
want to follow best practices for regular password updates.
|
||||||
|
|
||||||
|
5. **Key Server Operation (Pubkey)**:
|
||||||
|
|
||||||
|
- **Function**: This dropdown menu provides options for interacting with
|
||||||
|
keyservers using the public key. Operations might include uploading the
|
||||||
|
public key to a keyserver, or refreshing the key from the keyserver.
|
||||||
|
Keyservers facilitate the distribution and retrieval of public keys.
|
||||||
|
|
||||||
|
6. **Revoke Certificate Operation**:
|
||||||
|
- **Function**: This dropdown menu provides options for revoking a key
|
||||||
|
certificate. Revoking a certificate is necessary if the key has been
|
||||||
|
compromised or if it is no longer needed. This action invalidates the key,
|
||||||
|
ensuring it cannot be used maliciously. The revocation information is
|
||||||
|
typically uploaded to a keyserver so that others are aware of the key's
|
||||||
|
revoked status.
|
||||||
|
|
||||||
|
These operations help manage the lifecycle of key pairs, ensuring their secure
|
||||||
|
use and proper distribution.
|
||||||
|
@ -4,7 +4,6 @@ sidebar:
|
|||||||
order: 3
|
order: 3
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
||||||
GpgFrontend is available for download through multiple channels. For more
|
GpgFrontend is available for download through multiple channels. For more
|
||||||
detailed instructions on installation and getting started, please refer to the
|
detailed instructions on installation and getting started, please refer to the
|
||||||
[Getting Started Guide](../getting-started/).
|
[Getting Started Guide](../getting-started/).
|
||||||
|
@ -16,7 +16,7 @@ GpgFrontend supports digital signatures to verify the integrity and origin of
|
|||||||
messages. Users can manage and generate key pairs, encrypt files and emails, and
|
messages. Users can manage and generate key pairs, encrypt files and emails, and
|
||||||
sign their communications for added security.
|
sign their communications for added security.
|
||||||
|
|
||||||
**How can I obtain and start using GpgFrontend?** You can download the latest version of GpgFrontend from [GpgFrontend's Downloads Page](../downloads/) and choose the installtion method for your platform.
|
**How can I obtain and start using GpgFrontend?** You can download the latest version of GpgFrontend from [GpgFrontend's Downloads Page](../downloads/) and choose the installation method for your platform.
|
||||||
|
|
||||||
## OpenPGP and GnuPG Explained
|
## OpenPGP and GnuPG Explained
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ encryption, decryption, and digital signing, offering a seamless interface for
|
|||||||
managing OpenPGP tasks. Embrace the latest features of GnuPG 2.x, enhancing your
|
managing OpenPGP tasks. Embrace the latest features of GnuPG 2.x, enhancing your
|
||||||
security in the digital age.
|
security in the digital age.
|
||||||
|
|
||||||
**Document Version Reference: [v2.1.2](https://github.com/saturneric/GpgFrontend/releases/tag/v2.1.2)**
|
**Document Version Reference: [v2.1.3](https://github.com/saturneric/GpgFrontend/releases/tag/v2.1.2)**
|
||||||
|
|
||||||
## User Interface Glimpse
|
## User Interface Glimpse
|
||||||
|
|
||||||
@ -20,7 +20,7 @@ _Note: GpgFrontend's appearance may vary across different operating systems and
|
|||||||
themes. Always refer to the corresponding version of the software for the most
|
themes. Always refer to the corresponding version of the software for the most
|
||||||
accurate documentation._
|
accurate documentation._
|
||||||
|
|
||||||
![GpgFrontend Interface](https://image.cdn.bktus.com/i/2024/02/02/a7e9e762-a8fa-6e52-2728-1488e338e5ef.webp)
|
![GpgFrontend Interface](https://image.cdn.bktus.com/i/2024/06/15/0408b896-6472-4677-b0d1-96f5b9e54a3b.webp)
|
||||||
|
|
||||||
## Project Origins and Mission
|
## Project Origins and Mission
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user