diff options
Diffstat (limited to '')
| -rw-r--r-- | src/content/docs/advanced/memory-security.md | 2 | ||||
| -rw-r--r-- | src/content/docs/guides/file-operations.md | 26 | ||||
| -rw-r--r-- | src/content/docs/guides/fundamental-concepts.md | 75 | ||||
| -rw-r--r-- | src/content/docs/guides/generate-use-subkey.md | 133 | ||||
| -rw-r--r-- | src/content/docs/guides/key-group.md | 109 | ||||
| -rw-r--r-- | src/content/docs/guides/understand-interface.md | 131 | ||||
| -rw-r--r-- | src/content/docs/overview/contact.md | 50 | ||||
| -rw-r--r-- | src/content/docs/overview/downloads.md | 96 | ||||
| -rw-r--r-- | src/content/docs/overview/getting-started.md | 170 |
9 files changed, 492 insertions, 300 deletions
diff --git a/src/content/docs/advanced/memory-security.md b/src/content/docs/advanced/memory-security.md index c03766a..5cf0571 100644 --- a/src/content/docs/advanced/memory-security.md +++ b/src/content/docs/advanced/memory-security.md @@ -39,7 +39,7 @@ engine (GpgME) and protected by GnuPG mechanisms. Each secure buffer is fully initialized to zero upon allocation and is explicitly erased upon release, minimizing the risk of residual sensitive data in memory. -### SecureLevel 2 (Enhanced): +### SecureLevel 2 (Enhanced) At this highest security level, GpgFrontend utilizes OpenSSL’s secure memory feature, allocating sensitive data into locked regions protected from being diff --git a/src/content/docs/guides/file-operations.md b/src/content/docs/guides/file-operations.md index b86fe76..6b25cce 100644 --- a/src/content/docs/guides/file-operations.md +++ b/src/content/docs/guides/file-operations.md @@ -8,7 +8,29 @@ GpgFrontend offers a fast and convenient method for working with files. The processes of encryption, decryption, signing, and verifying files are similar to text-based operations but involve binary input and output. -## Using File Panel for Encryption, Decryption, Signing, and Verifying +## Quick File Operations via Direct Selection + +GpgFrontend enables you to quickly process any file or directory directly from +the main interface, streamlining your workflow for secure file handling. + +1. Direct File Selection: In the main window, click the Open button and choose + either Open File or Open Directory from the drop-down menu. +2. In the system dialog, select the file (e.g., CCC.eml) or directory you want + to process. +3. Automatic File Panel Activation: If you select a file, the File Panel will + automatically open, with the chosen file highlighted and ready for operation. + If you select a directory, the File Panel opens showing the entire directory + contents, allowing you to browse and select one or more files for further + action. +4. Proceed with Cryptographic Operations: With the File Panel open, you can now + select one or more keys from the Key ToolBox (individual public keys or key + groups). Then, you can click the appropriate toolbar button—Encrypt, Decrypt, + Sign, or Verify—to perform the desired cryptographic operation on the + selected file(s). + + + +## Using File Panel Directly After clicking the **File Panel** button, a system directory selection dialog will appear. Follow these steps to perform various cryptographic operations: @@ -22,6 +44,8 @@ will appear. Follow these steps to perform various cryptographic operations: 3. Select a File: In the File Panel tab, click on the file you want to encrypt, decrypt, sign, or verify. + + ### 4. File Operations (Encrypt, Decrypt, Sign, Verify) Perform various file operations by selecting the desired file in the File Panel diff --git a/src/content/docs/guides/fundamental-concepts.md b/src/content/docs/guides/fundamental-concepts.md index 9fbcb52..8c58a24 100644 --- a/src/content/docs/guides/fundamental-concepts.md +++ b/src/content/docs/guides/fundamental-concepts.md @@ -77,38 +77,6 @@ you. That’s why: ::: -## 🏷️ Public Key Certificates: Proving Identity and Key Relationships - -A public key in GPG/PGP is not just a raw cryptographic key. -It is always packaged as a certificate, which contains more than just the key itself. - -A public key certificate includes: - -- The public key data (for encryption and verifying signatures) -- The User ID (your name and email address) -- Signatures made by your own primary key and, optionally, by other people - -### Why Are Certificates Important? - -- Binding Identity: The certificate links your key to your identity, such as - your name and email. This way, people can verify that the key truly belongs to - you. -- Establishing Trust: Others can “sign” your public key, vouching for your - identity. This signature acts as a recommendation, forming a “Web of Trust.” -- Subkey Relationship: If you use subkeys (for encryption or signing), their - certificates include signatures from your primary key. This proves that each - subkey really belongs to your primary identity, and not to someone else. - -### Example - -When you share your public key, you are actually sharing a certificate that: - -- Includes your identity and any subkeys -- Shows cryptographic proof that the subkeys are authorized by your primary key -- May be signed by other people who trust your identity - -This is why you should always distribute your full public key certificate—not just the bare key! - ## ✉️ How Encryption Works Imagine you want to send a private message to someone: @@ -161,6 +129,39 @@ You meet someone at a conference: - You exchange and sign each other’s keys. - Anyone who trusts your key may now also trust theirs. +## 🏷️ Public Key Certificates + +A public key in GPG/PGP is not just a raw cryptographic key. It is always +packaged as a certificate, which contains more than just the key itself. + +A public key certificate includes: + +- The public key data (for encryption and verifying signatures) +- The User ID (your name and email address) +- Signatures made by your own primary key and, optionally, by other people + +### Why Are Certificates Important? + +- Binding Identity: The certificate links your key to your identity, such as + your name and email. This way, people can verify that the key truly belongs to + you. +- Establishing Trust: Others can “sign” your public key, vouching for your + identity. This signature acts as a recommendation, forming a “Web of Trust.” +- Subkey Relationship: If you use subkeys (for encryption or signing), their + certificates include signatures from your primary key. This proves that each + subkey really belongs to your primary identity, and not to someone else. + +### Example + +When you share your public key, you are actually sharing a certificate that: + +- Includes your identity and any subkeys +- Shows cryptographic proof that the subkeys are authorized by your primary key +- May be signed by other people who trust your identity + +This is why you should always distribute your full public key certificate—not +just the bare key! + ## ✅ Best Practices for New Users 1. **Back Up Your Keys**: Store your private key and revocation certificate in a @@ -176,16 +177,6 @@ You meet someone at a conference: 6. **Understand the Web of Trust**: GPG builds trust by people signing each other's keys — this forms a decentralized trust model. -## 🧭 Summary - -GPG is a powerful tool for privacy and digital identity. By learning: - -- How keys work, -- When to encrypt vs. sign, -- And how to protect your credentials, - -You’re taking a big step toward securing your digital life. - ## 🧰 Where Does GpgFrontend Fit In? While GPG/PGP itself is powerful, it is mostly command-line based — which can be diff --git a/src/content/docs/guides/generate-use-subkey.md b/src/content/docs/guides/generate-use-subkey.md index 186925d..d1af9be 100644 --- a/src/content/docs/guides/generate-use-subkey.md +++ b/src/content/docs/guides/generate-use-subkey.md @@ -15,30 +15,30 @@ There are **two entry points** to generate a subkey: ### Method 1: From Key Management -1. **Open Key Management** - - Navigate to the main **KeyPair Management** interface. - - Right-click on the key pair to which you want to add a subkey. - - Select **“New Subkey”** from the context menu. +1. Open Key Management +2. Navigate to the main **KeyPair Management** interface. +3. Right-click on the key pair to which you want to add a subkey. +4. Select **“New Subkey”** from the context menu. -  - + ### Method 2: From Key Details View -1. **Open Key Details** - - Double-click on the desired key pair in the **Key Management** list. - - Switch to the **Keychain** tab. - - Click the **“Generate A New Subkey”** button. +1. Open Key Details +2. Double-click on the desired key pair in the **Key Management** list. +3. Switch to the **Keychain** tab. +4. Click the **“Generate A New Subkey”** button. -  + ### Configuring the Subkey Once the subkey generation dialog appears, configure the following settings: - **Algorithm**: Choose the algorithm for the subkey. Options include: - - RSA, DSA - - ECC (e.g., ED25519, ED448, CV25519, SECP256K1, Brainpool, NIST curves, etc.) + + - RSA, DSA + - ECC (e.g., ED25519, ED448, CV25519, SECP256K1, Brainpool, NIST curves, etc.) - ECDH for encryption, EdDSA for signing, etc. - **Key Size**: Select the desired key size. This setting is available for most @@ -48,6 +48,7 @@ Once the subkey generation dialog appears, configure the following settings: allows configurable sizes like 2048, 3072, or 4096 bits. - **Expiration Date**: Set how long the subkey remains valid: + - Predefined periods (e.g., 1 year, 2 years) - Exact date/time - Or enable **“Non Expired”** for permanent validity. @@ -56,7 +57,7 @@ Once the subkey generation dialog appears, configure the following settings: - `Encrypt` - `Sign` - `Authenticate` - *(Certification usage is reserved for primary keys.)* + _(Certification usage is reserved for primary keys.)_ ### Final Step: Generate @@ -153,8 +154,7 @@ and successfully export a subkey: a location to save the exported subkey. Choose a secure directory and save the subkey as a separate file. - + ### Step-by-Step Guide to Importing Subkeys @@ -165,16 +165,14 @@ to navigate the GpgFrontend interface and successfully import a subkey: 1. **Select the Key Database**: Choose the appropriate key database from the **Key Toolbox**. - + 1. **Import the Subkey**: Click on the **Import Key** button in the top toolbar, and select **File** from the dropdown menu. This action will open a dialog where you can browse your system to locate the previously exported subkey file. -  +  2. **Select Subkey File**: Browse to the location where the subkey file is saved, select it, and click **Open**. This will import the subkey into the @@ -188,8 +186,7 @@ Database](https://image.cdn.bktus.com/i/2024/11/29/0e8ff19e-4189-65db-5732-1a2e7 4. **Handling Primary Key**:You can now move your master key to a safe place. Then delete it at GpgFrontend. -  +  ### Confirming Primary Key Absence @@ -199,8 +196,7 @@ for this subkey does not exist in the current key database. This is expected if you have securely removed the primary key to minimize exposure, while retaining the subkeys for ongoing operations. - + You can confirm the absence of the primary key by opening the **Key Details** view of the imported subkey. In the **Primary Key Existence** section, it should @@ -215,8 +211,7 @@ Existence** section in the Key Details view, which will display **Not Exists**. This setup is intentional in many cases to improve security by isolating the primary key. - + ### Actions Limited by the Absence of a Primary Key: @@ -244,20 +239,82 @@ primary key poses a security risk. By isolating the primary key and relying solely on subkeys, you can maintain a balance between functionality and security. - + + +## Common Misconceptions about Subkey + +When you export only a subkey and then import it into a different key database +(or application), you may notice that: + +- The key listing still shows the primary key’s ID as the main identifier. +- The keyring still displays the original key structure—including the primary + key and potentially other subkeys—though only the exported subkey is available + for actual use (decryption, signing, etc.). +- The usage flags (such as CESA: Certify, Encrypt, Sign, Authenticate) may + change—only capabilities for which the private part is present remain active. + +### Why is this the case? + +This is not a bug, but a fundamental part of how OpenPGP and GnuPG represent keys. + +### Key Structure: Public Context is Required + +Even if you export and import only a subkey’s secret part, you are actually +exporting and importing a full public key structure (a certificate) with only a +partial set of private components. + +- The public key block still contains the primary key’s information, all user + IDs, and all subkey definitions. +- The secret part of the primary key is absent, so you cannot certify, revoke, + or generate further subkeys. +- The exported file needs to include the primary key’s public information, + because the subkey’s trust depends on its certification by the primary key. + +:::tip[Analogy] + +Exporting a subkey is like sending only the content of a letter but still +including the envelope, address, and signature. You need all of these for the +recipient (the application) to know who sent it and to verify its authenticity. + +::: + +The primary key is the identity anchor for the whole key structure. Subkeys +derive their trust from the fact that the primary key certified them. If the +primary key’s public info and signatures are missing, the subkey would not be +recognized as legitimate or trustworthy by other OpenPGP tools. + +### Multiple Subkeys Included + +If the key structure contains other subkeys, their definitions will also be +present in the exported key material—even if their secret parts are missing. +This design ensures the integrity and context of the key structure for any +OpenPGP-compliant tool. + +### Why is the Key ID Still the Primary Key’s? + +OpenPGP keyrings and applications (including GpgFrontend, Thunderbird, etc.) +identify the whole key structure by the primary key ID. This ensures consistency +and interoperability across tools and platforms. It’s not possible to create a +"standalone" subkey that appears as its own identity—the subkey’s value is only +recognized as part of the primary key’s web-of-trust. + +### Can I use only a subkey for all operations? + +Yes, as long as you have generated the necessary subkeys for signing, +encryption, and authentication. But certain actions, like certifying other keys +or adding User IDs, require the primary key. -### Tips for Secure Usage: +## Tips for Secure Usage -1. **Inspect Subkey Capabilities**: Always verify what operations a subkey can - perform by reviewing its **Usage** field. -2. **Plan Subkey Generation**: At the time of key creation, consider creating - multiple subkeys with distinct purposes (e.g., signing, encryption, - authentication). -3. **Backup Primary Key Securely**: Store the primary key in an offline, highly - secure location to allow recovery or advanced operations if needed. +- **Inspect Subkey Capabilities**: Always verify what operations a subkey can + perform by reviewing its **Usage** field. +- **Plan Subkey Generation**: At the time of key creation, consider creating + multiple subkeys with distinct purposes (e.g., signing, encryption, + authentication). +- **Backup Primary Key Securely**: Store the primary key in an offline, highly + secure location to allow recovery or advanced operations if needed. -### Additional Note on Subkey Algorithm Types +## Additional Note on Subkey Algorithm Types Subkeys in GpgFrontend offer more algorithm types than primary keys due to their specialized roles. While primary keys focus on establishing identity and trust, @@ -286,4 +343,4 @@ Algorithms](/extra/algorithms-comparison) - ECDH NIST P-521 - ECDH BrainPool P-256 (GnuPG >2.3.0) - ECDH BrainPool P-384 (GnuPG >2.3.0) -- ECDH BrainPool P-512 (GnuPG >2.3.0)
\ No newline at end of file +- ECDH BrainPool P-512 (GnuPG >2.3.0) diff --git a/src/content/docs/guides/key-group.md b/src/content/docs/guides/key-group.md new file mode 100644 index 0000000..2f4c3cb --- /dev/null +++ b/src/content/docs/guides/key-group.md @@ -0,0 +1,109 @@ +--- +title: Key Groups +--- + +A Key Group is a powerful feature in GpgFrontend that allows you to manage and +utilize a collection of public keys as if they were a single public key. This +greatly simplifies encryption and access control when you want to address +multiple recipients or roles at once. + +## What is a Key Group? + +A Key Group is essentially a named set of public keys. Instead of encrypting +data separately for each individual recipient, you can create a group, add the +relevant public keys, and use the group for encryption. All members of the group +will be able to decrypt messages or files encrypted to that group. + +## Key Group Characteristics + +- Collection of Public Keys: A key group consists of one or more public keys. +- Treated as a Single Key: In GpgFrontend, you can use a key group anywhere a + single public key would be used, such as for encryption, sharing, or defining + access. +- Nested Key Groups: Key groups can contain other key groups. This allows you to + create complex, hierarchical access structures or role-based groups. +- Flexible Management: You can easily add, remove, or reorganize members (public + keys or other key groups) within a group at any time. +- Naming and Organization: Each key group can be given a unique name for easy + identification and usage. + +## How to Create and Use Key Groups + +1. Select Keys to Group: At the Key ToolBox panel, select the public keys you + want to add to your group by checking the boxes in the “Select” column. +2. Click the “Create Key Group” Button: Once you have selected the desired keys, + click the Key Group button (key icon) in the toolbar above the key list. +3. Fill in Group Information: A dialog titled New Key Group will appear. Fill in + the group’s name, email(optional), and an optional comment. Click + Create to make the group. +4. Key Group Appears in List: After creation, your new key group will appear in + the key list with Type shown as group. You can now use this group for + encryption and other operations—just like a single public key. + + + + + +## Manage Members and Nested Groups + +You can edit a key group at any time. Double-click the group entry (or use the +group management menu) to open the Key Group Management window. Here you can add +or remove keys, or even nest groups within groups. + + + +## Typical Use Cases + +- Team Encryption: Encrypt a document once for an entire project team or + department. All team members (whose keys are in the group) can decrypt it. +- Role-Based Access: Define groups such as “Developers”, “Managers”, or + “Auditors” and grant or revoke access by modifying group membership. +- Nested Structures: Organize key groups hierarchically, e.g., a “Project A” + group containing “Frontend Team” and “Backend Team” key groups. + +## Special Notes & Behaviors for Key Groups + +Key Groups in GpgFrontend offer flexibility and powerful management for +encryption workflows, but they also come with specific behaviors and rules that +ensure proper usage and system integrity. The following notes highlight +important details about how Key Groups work, their operational constraints, and +how they interact with the broader GpgFrontend environment. Understanding these +points will help you make the most of Key Groups while avoiding common pitfalls. + +### Owner Trust Propagation + +You can right-click on a Key Group entry to set the Owner Trust level for the +group. When you do this, the Owner Trust value is applied to all public keys +contained within the group (including recursively for nested groups). This is a +convenient way to manage trust settings for many users at once. + +### Membership & Encryption Capability + +Only keys marked with the E (Encrypt) usage flag can be added to a Key Group. If +a key does not support encryption, you will not be able to include it. + +### Automatic Disabling of Invalid Groups + +Auto-Disabling on Startup: If, upon startup, any key in a Key Group no longer +meets requirements (e.g., is deleted or loses encryption capability), the Key +Group will be automatically disabled. + +- Disabled Key Groups are not shown in the Key ToolBox. +- You can still view and manage them in the Key Management interface, where they + are highlighted in red to indicate their invalid status. +- The disabled status will propagate: if a nested group becomes unavailable, any + parent group containing it is also disabled. + +### Key Group Usage and Limitations + +Key Groups as Encryption Targets Only: In GpgFrontend, a Key Group is treated as +a single encryptable entity—you can use it as a recipient for encryption just +like a public key. Key Groups cannot be used for signing, decryption, or +certification. They are only valid for encryption operations. + +### Independence from GnuPG keygroups + +Key Groups Are Local to GpgFrontend: GpgFrontend Key Groups are internal objects +managed only by GpgFrontend. They are not connected to GnuPG’s "keygroup" +feature or to the `gpg.conf` file. This means Key Groups are only visible and +usable within GpgFrontend, and will not appear in other OpenPGP tools. diff --git a/src/content/docs/guides/understand-interface.md b/src/content/docs/guides/understand-interface.md index 91b66fb..495f3e6 100644 --- a/src/content/docs/guides/understand-interface.md +++ b/src/content/docs/guides/understand-interface.md @@ -4,19 +4,46 @@ sidebar: order: 2 --- -This documentation explains the interface and functionality of GpgFrontend, -based on the latest UI design. It is intended to guide users through its -features effectively. +This documentation explains the layout and features of the latest GpgFrontend +interface, helping users to efficiently utilize all cryptographic operations in +different workspaces. - + -## Text Editing Zone +## Workspace Overview -The **Text Editing Zone** allows users to input any desired text or work on -existing files. You can open a new tab using the **"New"** or **"New E-Mail"** -button or load an existing file with **"Open"** from the menu bar. +GpgFrontend organizes your cryptographic workflow into multiple workspaces +(tabs), making it easy to work with files, plain text, and email data +simultaneously. -### Key Features: +There are three main workspace types, each represented by a tab: + +- File Panel: For batch file and folder operations. +- Text Editor: For editing and encrypting/decrypting plain text. +- Mail Editor: For handling email messages in a dedicated editor. + +You can open multiple tabs of each type and switch between them as needed. + +### File Panel + +The File Panel is dedicated to cryptographic operations on files and folders. It +allows you to: + +- Browse and select files or folders from your system. +- Encrypt, decrypt, sign, or verify one or multiple files. +- Switch between ASCII and binary output modes. +- Activate Batch Mode for multi-file operations. +- Automatically handle folder archiving/encryption (see the File Operations + section for details). + +Files and folders selected via Open are always opened in a File Panel tab. + +### Text Editor + +The Text Editor allows users to input any desired text or work on existing +files. + +#### Key Features - **Operations Bar**: Located at the top, it provides options to encrypt, decrypt, sign, and verify text directly. @@ -24,14 +51,28 @@ button or load an existing file with **"Open"** from the menu bar. and **Ctrl+S** for copying, pasting, and saving text. - **Plain Text Format**: Text is encoded in UTF-8 without formatting to ensure clarity and compatibility. Future plans may include rich text editing. - -#### Large Text File Support - - Files up to **1MB** are supported. Larger files may cause performance issues and are not recommended. - While loading large files, editing will be temporarily disabled until the entire file is processed. +### Mail Editor + +The Mail Editor is specifically designed for working with EML-format email +messages. + +- Open and Edit EML Files: Load .eml files (standard email format) directly for + viewing and editing their content. +- Compose, Encrypt, Sign, and Verify Emails: Easily write or modify email + content and apply encryption, digital signatures, or verify received + signatures—all in one place. + +:::caution[Note] + +The Mail Editor is optimized for .eml files, ensuring compatibility with standard email clients and maintaining proper formatting and metadata during cryptographic operations. + +::: + ## Information Panel The **Information Panel** displays the results of current operations (e.g., @@ -55,24 +96,38 @@ and algorithms used. ## Key Toolbox -The **Key Toolbox**, located on the right side of the interface, lists all -available keys. It provides details such as key type, name, email address, and -usage. Users can select keys for specific operations by ticking the boxes in the -first column. +Located on the right side, the Key Toolbox lists all your available keys, +including public, private, and key groups. + +Key features: + +- Selection: Tick boxes to choose keys for current operations. +- Type/Usage/Email: Quickly review each key’s function. +- Tab Filtering: Tabs let you quickly filter keys by type or status. + +Keys that are expired, revoked, or unavailable are hidden by default, but can be +managed in the Manage Keys interface. + +### Understanding the Key Toolbox Table -### Key Details +The Key Toolbox contains detailed information about each key. Some of the +columns and codes—especially in the Type and Usage columns—may not be +immediately obvious. The section below explains the meaning of these less +obvious—but essential—fields and codes, so you can confidently interpret key +types, usage, and status in your daily cryptographic operations. - **Type**: - `pub`: Public key (for encryption or verification). - `pub/sec`: Key pair with both public and private keys. - `pub/sec#`: Key pair with missing primary key. - `pub/sec^`: Key pair with components stored on a smart card. -- **Email Address**: Shows the email associated with each key. + - `group`: Key Group (a collection of public keys used as one recipient for + encryption). - **Usage**: Indicates key functionality with codes: - - `C`: Certification. - - `E`: Encryption. - - `S`: Signing. - - `A`: Authentication. + - `C`: Certification – can certify (sign) other keys (typically primary keys only) + - `E`: Encryption – can encrypt data to this key + - `S`: Signing – can create digital signatures + - `A`: Authentication – can be used for authentication (e.g. SSH) ### Categories @@ -82,20 +137,24 @@ Expired or revoked keys are not displayed by default and can be viewed in ## Operations Bar -The **Operations Bar**, at the top of the interface, provides quick access to -all core functionalities: - -1. **New E-Mail**: Create a new email or text file. -2. **Open**: Open an existing text file. -3. **File Panel**: Browse and select files from your system. -4. **Encrypt**: Encrypt text or files using selected keys. -5. **Encrypt Sign**: Encrypt and sign text or files simultaneously. -6. **Decrypt**: Decrypt text or files. -7. **Decrypt Verify**: Decrypt and verify signed files. -8. **Sign**: Digitally sign text or files. -9. **Verify**: Verify the signature of text or files. -10. **Manage Keys**: Access the key management interface. -11. **Import Key**: Import keys into your keyring. +The Operations Bar at the top provides one-click access to all core +cryptographic and workspace features. Here are the main buttons, from left to +right: + +1. **Open**: Open a file or directory, launching the File Panel for file-based + operations. +2. **Workspace**: Manage and switch between different workspaces or tabs, such + as File Panel, Text Editor, and Mail Editor. +3. **Encrypt**: Encrypt the currently selected file(s) or text using the + selected recipient keys. +4. **Decrypt**: Decrypt the currently selected encrypted file(s) or text. No key + selection is required—gpg automatically detects and uses the + appropriate private key(s) from your keyring. +5. **Sign**: Digitally sign the selected file(s) or text with your private key. +6. **Verify**: Verify the signature of the selected file(s) or text. +7. **New Keypair**: Generate a new key pair. +8. **Import Key...**: Import existing public or private keys into your keyring. +9. **Manage Keys**: Access the key management interface. ### Customization diff --git a/src/content/docs/overview/contact.md b/src/content/docs/overview/contact.md index 95925f6..3fe60b7 100644 --- a/src/content/docs/overview/contact.md +++ b/src/content/docs/overview/contact.md @@ -5,45 +5,43 @@ sidebar: order: 5 --- -Please avoid discussing business or political matters here. This space is -dedicated to fostering the well-being and advancement of humanity. If you have -any technical questions or suggestions on how to enhance this software, your -insights are very much welcome. +Contact on this page is intended for technical collaboration and feedback. This +space is dedicated to fostering the well-being and advancement of humanity. If +you have any technical questions or suggestions on how to enhance this software, +your insights are very much welcome. -For correspondence, I strongly prefer plain text emails over HTML formatted -messages. +For email correspondence, I strongly prefer plain text over HTML format. ## Personal Details - **Preferred Name:** Eric -- **Full Legal Name:** Yu Hu -- **Email:** [[email protected]](mailto:[email protected]) (Server location: Germany) -- **Preferred Email Format:** Plain text, without HTML enhancements. -- **Headquarters:** Baden-Württemberg, Germany +- **Legal Name:** Yu Hu +- **Email:** [[email protected]](mailto:[email protected]) (server in Germany) +- **Headquarters:** Germany -**Note for CA Verification:** For informal correspondence you can call me -**Eric**; for formal or legal matters, please use **Mr. Hu**. +> **Note on Names**: I’ve used the name Eric since childhood, and prefer it in +> nearly all non-Chinese contexts, especially online. My legal name, Yu Hu, is +> only truly accurate in Chinese characters and is rarely needed outside of +> legal or formal situations. It’s provided here mainly for code signing +> certificate verification. In formal settings, please use Mr. Hu. -### About My Domain +## About My Domain -The domain BKTUS (Bakantu union us) is not a commercial entity but rather a -personal domain name of mine. The name "Bakantu" merges elements of technology -and community, reflecting a domain that values both innovation and connectivity. -It represents a seamless integration of advanced scientific pursuits with the -foundational principles of mutual support and collaboration, characteristic of a -forward-thinking, interconnected society. This name embodies the synergy between -technological progress and communal interdependence, aimed at fostering a better -future. +The domain [`bktus.com`](https://bktus.com/) (“Bakantu union us”) is just a +personal domain I registered as a teenager. “Bakantu” is simply a made-up +word—no hidden meaning! I just wanted a name that blended technology and +community, reflecting values like innovation, connectivity, and collaboration. +:) -### Language Proficiency +## Language Proficiency I can use the following languages and welcome communication in any of them: -1. English -2. Chinese -3. German +- English +- Chinese +- German -### Secure Communication (GPG Public Key) +## Secure Communication (GPG Public Key) For secure and encrypted communication, below is my long-term PGP public key. Please ensure any encrypted messages are sent in plain text format and avoid diff --git a/src/content/docs/overview/downloads.md b/src/content/docs/overview/downloads.md index 0dfc635..5e26f18 100644 --- a/src/content/docs/overview/downloads.md +++ b/src/content/docs/overview/downloads.md @@ -8,57 +8,87 @@ GpgFrontend is available for download through multiple channels. For more detailed instructions on installation and getting started, please refer to the [Getting Started Guide](/overview/getting-started/). -## Download Options Across Platforms - [](https://repology.org/project/gpgfrontend/versions) -### Releases & Downloads +## Direct Downloads + +Choose from the options below to download GpgFrontend directly for your platform. + +### GitHub Releases + +Click the badges below to access the latest stable and nightly builds. + +[](https://github.com/saturneric/GpgFrontend/releases/latest) + +[](https://github.com/saturneric/GpgFrontend/releases/nightly) + +### Static Mirror + +For privacy-conscious users, a fast and secure direct-download mirror is +available at [ftp.bktus.com](https://ftp.bktus.com/GpgFrontend/). This mirror is +served over HTTPS with no authentication, tracking, rate limits, or +redirections. + +### Asset Naming Patterns and Descriptions + +Below is a summary table explaining the naming patterns and purposes of each +downloadable asset. You can use the filename patterns to quickly identify and +select the appropriate package for your platform or use case. -- **GitHub Releases**: Click the badges below to access the latest stable and nightly builds. +| Filename Pattern | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------- | +| `***-universal.zip` | The universal package: contains both Windows Portable and Linux AppImage in one archive. | +| `***-windows-x86_64-portable.zip` | Fully portable Windows version. No installation needed; just extract and run. | +| `***-windows-x86_64.msix` | MSIX installer for Windows (recommended for most Windows users). | +| `***-windows-x86_64.msi` | Classic MSI installer for Windows; suitable for legacy/enterprise environments. | +| `***-macos-**.dmg` | macOS disk image; number = minimum required macOS version. Drag to install. | +| `***-linux-******.AppImage` | AppImage for Linux; make it executable and run directly. | +| `*.sig` | GPG signature file for verifying the integrity and authenticity of the corresponding asset. | - [](https://github.com/saturneric/GpgFrontend/releases/latest) +## Homebrew Cask - [](https://github.com/saturneric/GpgFrontend/releases/nightly) +Mac users can check the version information through the +badge below or install using the command line. -- **Static Mirror**: A fast, direct-download mirror is also available at [ftp.bktus.com](https://ftp.bktus.com/GpgFrontend/), served securely over HTTPS via Nginx. No authentication, rate limits, or redirections. +[](https://formulae.brew.sh/cask/gpgfrontend) -### Homebrew Cask +Install command: -- **Homebrew Cask**: Mac users can check the version information through the - badge below or install using the command line. +``` +brew install --cask gpgfrontend +``` - [](https://formulae.brew.sh/cask/gpgfrontend) +## Flatpak - Install command: +Linux users can click the image below to navigate to the Flathub page for +installation. - ``` - brew install --cask gpgfrontend - ``` +[](https://flathub.org/apps/com.bktus.gpgfrontend) -### Flatpak +## Windows -- **Flatpak Installation**: Linux users can click the image below to navigate to - the Flathub page for installation. +There are several convenient ways to install GpgFrontend on Windows. Choose the +method that best fits your workflow. - [](https://flathub.org/apps/com.bktus.gpgfrontend) +### WinGet -### Windows +Windows users can install GpgFrontend through the Windows Package Manager +(WinGet). Check the version information through the badge below or install +using the command line. -- **WinGet Package**: Windows users can install GpgFrontend through the Windows - Package Manager (WinGet). Check the version information through the badge - below or install using the command line. +[](https://repology.org/project/gpgfrontend/versions) - [](https://repology.org/project/gpgfrontend/versions) +Install command: - Install command: +``` +winget install Saturneric.GpgFrontend +``` - ``` - winget install Saturneric.GpgFrontend - ``` +### Microsoft Store -- **Microsoft Store Download**: Windows users can also visit the application - store page through the Microsoft Store badge below. +Windows users can also visit the application store page through the Microsoft +Store badge below. - <a href="https://apps.microsoft.com/detail/9nh716mqk2b5"> - <img src="https://get.microsoft.com/images/en-us%20dark.svg" width="200"/> - </a> +<a href="https://apps.microsoft.com/detail/9nh716mqk2b5"> + <img src="https://get.microsoft.com/images/en-us%20dark.svg" width="200"/> +</a> diff --git a/src/content/docs/overview/getting-started.md b/src/content/docs/overview/getting-started.md index db531a1..167b4d9 100644 --- a/src/content/docs/overview/getting-started.md +++ b/src/content/docs/overview/getting-started.md @@ -12,8 +12,7 @@ communications as quickly and efficiently as possible. ## Before You Begin: Prerequisites -**Note for Windows or macOS users who utilize Homebrew: You may skip this -prerequisites section.** +**Note for Windows users: You may skip this prerequisites section.** GpgFrontend leverages the robust functionalities of GnuPG for encryption, decryption, and key management. It is crucial to have GnuPG installed on your @@ -29,26 +28,41 @@ pre-installed. Check your GnuPG version with `gpg --version` in your terminal. It is advisable to upgrade to GnuPG version 2.2 or later for optimal performance and compatibility. -## Installation & Execution Guide +## Brief Installation Guide + +GpgFrontend is distributed through multiple official channels, making +installation easy on all major platforms. **For the latest download options and +installation commands for your system, please visit the +[Downloads](/overview/downloads) page.** + +> Note: The installation methods below provide general guidance. If you prefer +> installing via package managers such as WinGet, Microsoft Store, or Flatpak, +> please refer to the Downloads page for the most up-to-date and recommended +> options. ### For Windows Users +You can choose from several installation methods based on your preferences. + #### Portable Version (No Installation Required) 1. **Download** the portable version from [GpgFrontend's latest releases](https://github.com/saturneric/GpgFrontend/releases/latest), labeled `GpgFrontend-*******-windows-x86_64-portable.zip`. 2. **Extract** the contents of the downloaded ZIP file. -3. **Run** `GpgFrontend.exe` from the extracted `Program/bin` directory. +3. **Run** `GpgFrontend.exe` from the extracted `bin` directory. #### Installer Version -1. **Download** the installer from [GpgFrontend's latest +1. **Download** the MSIX installer from [GpgFrontend's latest releases](https://github.com/saturneric/GpgFrontend/releases/latest), named - `GpgFrontend-*******-windows-x86_64-setup.exe`. + `GpgFrontend-*******-windows-x86_64.msix`. 2. **Install** GpgFrontend by following the on-screen instructions. After installation, you can access GpgFrontend directly from your desktop. +The MSIX installer is recommended for most users due to improved security, +simpler updates, and better integration with modern Windows features. + ### For macOS Users GpgFrontend's macOS packages are Apple-verified, allowing straightforward @@ -62,12 +76,12 @@ For an effortless install or removal process, use Homebrew Cask: 2. **Install** GpgFrontend with the command `brew install --cask gpgfrontend`. 3. **Launch** GpgFrontend from your Launchpad. -#### Manual Installation from DMG +#### Installation from DMG 1. **Install GnuPG** via Homebrew or download it from [GPG for OS X](https://sourceforge.net/projects/gpgosx/files). 2. **Download** the `GpgFrontend-*******-macos-**.dmg` file from [GpgFrontend's - releases](https://github.com/saturneric/GpgFrontend/releases). + latest releases](https://github.com/saturneric/GpgFrontend/releases/latest). 3. **Mount** the DMG file and **run** GpgFrontend. 4. **Optional:** Drag GpgFrontend into your Applications folder for easy access. @@ -79,11 +93,11 @@ conflicts. 1. **Install GnuPG** if it's not already installed. - Debian/Ubuntu: `sudo apt update && sudo apt install gpg` - - CentOS: `sudo yum install gnupg` -2. **Download** the AppImage from [GpgFrontend's - releases](https://github.com/saturneric/GpgFrontend/releases), labeled - `GpgFrontend-*******-linux-x86_64.AppImage`. -3. **Make it executable:** `chmod u+x ./GpgFrontend-***-linux-x86_64.AppImage`. + - Fedora: `sudo yum install gnupg` +2. **Download** the AppImage from [GpgFrontend's latest + releases](https://github.com/saturneric/GpgFrontend/releases/latest), labeled + `GpgFrontend-*******-linux-******.AppImage`. +3. **Make it executable:** `chmod u+x ./GpgFrontend-***-linux-******.AppImage`. 4. **Launch** the AppImage with a double-click or through the terminal. ### BSD Users (FreeBSD/OpenBSD) @@ -92,119 +106,29 @@ Currently, there are no binary releases for BSD systems. However, GpgFrontend can be compiled and run on BSD. Refer to the GitHub repository for build instructions. -## Downloading from GitHub Releases - -GpgFrontend is primarily distributed through GitHub Releases, ensuring -accessibility and eliminating the need for personal server management. - -Upon navigating to [GpgFrontend's download -page](https://github.com/saturneric/GpgFrontend/releases/latest), you'll find -detailed information about the latest version, including new features and fixes. -Each release is signed for security verification purposes, allowing users with -heightened security needs to confirm the authenticity of the downloaded files. - -Scroll down to the **Assets** section to select the appropriate version for your -operating system. The filenames include a unique identification number, crucial -for reporting any version-specific issues. - -Files ending in 'signature' are GPG separate signatures, which can be verified -with GPG to ensure they are officially released and approved by me. - -Select the version that suits your system or follows the provided instructions -to begin the download. - -By following these steps, you'll be ready to use GpgFrontend, enhancing your -digital security with powerful encryption tools at your fingertips. - -## Basic Operations with GpgFrontend - -After successfully installing GpgFrontend, you're ready to dive into the world -of encryption and secure communication. This guide will walk you through some -fundamental operations to get you started. - -### Generating Your First Key Pair - -1. Open GpgFrontend: Launch the application. -2. Access Key Management: Navigate to the "Key Management" section. -3. Generate Key Pair: Look for an option to "Generate" a new key pair. -4. Fill in your details, such as name and email, and choose your desired key - type and size. You can also add a comment if you wish. -5. Set an expiration date for the key, or choose 'Never Expire' if you prefer. -6. Create a passphrase for your key to ensure its security. Remember to use a - strong passphrase that you won't forget. -7. Once all details are filled in, click 'OK' to generate your key pair. - -### Encrypting - -1. **Write a Message:** Start by writing a message in the main text area of - GpgFrontend. -2. **Choose Recipient:** Select the public key of the message's recipient. If - you're practicing, you can select your own public key. -3. **Encrypt:** With the recipient's public key selected, click on the "Encrypt" - option. The text will be encrypted, making it readable only by the selected - recipient. - -### Decrypting - -1. **Receive an Encrypted Message:** Copy the encrypted message into - GpgFrontend's main text area. -2. **Decrypt:** Click on the "Decrypt" option. If the message was encrypted with - your public key, you would need to enter the password for your private key to - decrypt it. - -### Signing - -1. **Create a Message:** Type your message in the text area. -2. **Sign:** Choose the "Sign" option and select your private key. Enter your - key's password to sign the message. This adds a digital signature that - verifies you as the message's sender. - -### Verifying - -1. **Receive a Signed Message:** Paste the signed message into GpgFrontend. -2. **Verify:** Click on "Verify" to check the signature. If the signature - matches the sender's public key, GpgFrontend will confirm the message's - integrity and authenticity. - -### Key Management and Sharing +## Basic Operations Index -#### Exporting and Sharing Your Public Key +Before diving into the specific operations, **we highly recommend that beginners +start with the [Fundamental Concepts](/guides/fundamental-concepts/) guide**. It +provides an essential overview of encryption principles, key management basics, +and the main concepts used throughout GpgFrontend. -1. Go to 'Manage Keys'. -2. Select your key pair and choose 'Export Key'. -3. Save your public key to a file or copy it to the clipboard to share it with - others. +Then, you can quickly get started by referring to the following topic-specific +guides. For more details about operations and the user interface, please refer to: +[Interface Understanding](/guides/understand-interface/) -#### Importing a Public Key +- [Generating a Key Pair](/guides/generate-key/) +- [Importing and Exporting Key Pairs](/guides/import-export-key-pair/) +- [File Encryption and Decryption](/guides/file-operations/) +- [Text Encryption and Decryption](/guides/text-opetations/) +- [Using Key Groups](/guides/key-group/) +- [Key Server Operations](/guides/key-server-operations/) +- [Smart Card Operations](/guides/smart-card/) -To communicate securely with someone else, you need their public key. Click -'Import key'. You can import a key file or copy and paste the public key -directly. After importing, the public key will appear in your keyring, ready for -use. +:::tip -### Exchanging Public Keys with Friends +You can also explore more topic-specific guides in the "Brief Guides" section. +If you encounter any questions, it is recommended to consult the dedicated +documentation for each feature first. -1. **Export Your Public Key:** From the "Key Management" section, find the - option to export your public key. Save it as a file or copy it to your - clipboard. -2. **Share Your Public Key:** Send your public key to your friend via email, - messaging app, or any secure channel you prefer. -3. **Import Your Friend's Public Key:** When your friend sends you their public - key, import it into GpgFrontend using the "Import" option in the "Key - Management" section. - -By exchanging public keys, you establish a secure channel for encrypted -communication. Only the holder of the corresponding private key can decrypt -messages encrypted with a public key, ensuring privacy and security in your -communications. - -## Conclusion - -GpgFrontend is a powerful tool for enhancing your digital security. By -generating key pairs, encrypting and decrypting messages, signing documents, and -exchanging public keys, you can safeguard your communications in a world where -privacy is increasingly precious. As you become more familiar with these -operations, explore further features and settings within GpgFrontend to tailor -your security practices to your needs. Remember, the cornerstone of digital -security is practicing safe key management and password hygiene. Welcome to the -secure side! +::: |