diff options
| author | saturneric <[email protected]> | 2024-02-24 03:47:56 +0000 |
|---|---|---|
| committer | saturneric <[email protected]> | 2024-02-24 03:47:56 +0000 |
| commit | 98e09af947a61320dffe43450c50523012e78e53 (patch) | |
| tree | 11b36676c97da252386eae0accd7e3583adfa214 | |
| parent | fix: solve issues reported on flathub revirew (diff) | |
| download | GpgFrontend-98e09af947a61320dffe43450c50523012e78e53.tar.gz GpgFrontend-98e09af947a61320dffe43450c50523012e78e53.zip | |
doc: update manual and trademark
31 files changed, 1432 insertions, 926 deletions
@@ -1,13 +1,10 @@ -<img width="100" height="100" align="right" style="position: absolute;right: 0;padding: 12px;top:12px;" src="https://image.cdn.bktus.com/i/2023/11/16/8e64ecab-434f-8c3f-901c-2bb2339d4bb7.webp" alt="ICON"/> +<img width="100" height="100" align="right" style="position: absolute;right: 0;padding: 12px;top:12px;" src="https://image.cdn.bktus.com/i/2024/02/24/248b2e18-a120-692e-e6bc-42ca30be9011.webp" alt="ICON"/> # GpgFrontend   - [](https://www.codacy.com/gh/saturneric/GpgFrontend/dashboard?utm_source=github.com&utm_medium=referral&utm_content=saturneric/GpgFrontend&utm_campaign=Badge_Grade) - - [](https://app.fossa.com/projects/git%2Bgithub.com%2Fsaturneric%2FGpgFrontend?ref=badge_small) [](https://github.com/saturneric/GpgFrontend/actions/workflows/release.yml) @@ -28,227 +25,41 @@ When using GpgFrontend, you can: GpgFrontend is **PERMANENTLY FREE** of charge. However, you can support us by "starring" this project. Your contributions are highly appreciated! -[Language Supported](#language-support) by GpgFrontend including English, Chinese, French, German, Italian, etc. - -[>> Download <<](https://github.com/saturneric/GpgFrontend/releases/latest) -| [>> User Manual <<](https://www.gpgfrontend.bktus.com/#/overview) -| [>> Developer Document <<](https://doxygen.gpgfrontend.bktus.com/) - ## Table of Contents -- [User Manual](#user-manual) -- [System Requirement](#system-requirement) -- [Developer Document](#developer-document) -- [Build From Source Code](#build-from-source-code) -- [Language Support](#language-support) -- [Contract](#contract) -- [Licenses](#licenses) +- [GpgFrontend](#gpgfrontend) + - [Table of Contents](#table-of-contents) + - [User Manual](#user-manual) + - [Developer Document](#developer-document) + - [Language Support](#language-support) + - [Supported Languages](#supported-languages) + - [Contract](#contract) + - [Contributing \& Bugs Report](#contributing--bugs-report) + - [Project Maintainer](#project-maintainer) + - [Project's LOGO](#projects-logo) + - [LICENSES](#licenses) ## User Manual GpgFrontend provides documentations on its main features. If you want to know how to install, please read the [User Manual](https://www.gpgfrontend.bktus.com/#/quick-start) instead of README. -## System Requirement - -Before proceeding with the installation and usage of GpgFrontend, it's crucial -to understand the system requirements that ensure optimal performance. This -section provides comprehensive details about the necessary software -dependencies, hardware specifications, and the compatible operating systems. -Meeting these requirements will ensure a smooth, efficient experience while -using GpgFrontend. - -Please read the following subsections carefully to confirm that your system -aligns with the recommended configurations. - -### Operating System - -GpgFrontend is compatible with major operating systems including Linux, macOS, -and Windows. Specifically, it recommends Windows 10 and later, macOS 11 and -later, and Ubuntu 20.04 LTS or other equivalent Linux distributions. - -### Software Dependencies - -Qt6 or Later: GpgFrontend is developed using the Qt framework. Therefore, a -runtime of Qt6 or later is required for the software to function correctly. -Please note, the Qt6 runtime is integrated into the Release Package for Linux, -macOS, and Windows, so it generally does not need to be considered separately. -This allows for easier setup and ensures compatibility across different systems. - -GnuPG: As the frontend for GnuPG, GpgFrontend requires GnuPG (version 2.2.0 or -higher) to be pre-installed in your system. Please note, GpgFrontend is not -compatible with GnuPG 1.x versions. Users employing earlier versions of GnuPG 2 -may encounter some unforeseen issues. We strongly recommend updating to the -supported versions to ensure a seamless experience. - -### Hardware - -While the specific hardware requirements largely depend on the size and -complexity of the data you're working with, we generally recommend: - -A computer with at least 1 GB of RAM. However, 2 GB or more is preferable for -smoother performance. The majority of these resources are allocated to your -operating system, but around 100 MB of memory is needed to ensure the smooth -running of GpgFrontend. At least 200 MB of free disk space for software -installation. Additional space will be needed for ongoing work. - -Please note, these requirements are intended to be guidelines rather than strict -rules. It's possible that GpgFrontend will work on lower-spec hardware, but for -optimal performance, the above specifications are recommended. - -### Network - -Although not necessary for basic operation, an active Internet connection may be -required for software updates and accessing online help resources. - -Please note that these are the minimal requirements that we tested, and actual -requirements for your use case could be higher, especially for large datasets. - ## Developer Document -You can view the developer documentations that is synchronized with the current latest develop code. This document will -help you understand the source code and get involved more quickly in the process of contributing to open source. - -[Developer Document](https://doxygen.gpgfrontend.bktus.com) - -## Build From Source Code - -For some experts, building GpgFrontend from source code is a good option. I encourage people to freely build, -package and distribute their own versions. The method I build in major operating systems is as follows: - -Note: "$" Symbols indicate commands to should be executed with a normal user. - -```shell -$ git clone --recurse-submodules https://github.com/saturneric/GpgFrontend.git -``` - -### For Windows - -Before building, you need to install MSYS2. After installation, open the MSYS2 terminal (MSYS2 MinGW 64-bit), enter the -MSYS2 directory, and execute the following commands: - -```shell -pacman --noconfirm -S --needed mingw-w64-x86_64-gcc mingw-w64-x86_64-make mingw-w64-x86_64-cmake autoconf -pacman --noconfirm -S --needed make texinfo automake -pacman --noconfirm -S --needed mingw-w64-x86_64-qt6 libintl msys2-runtime-devel gettext-devel mingw-w64-x86_64-gpgme -pacman --noconfirm -S --needed mingw-w64-x86_64-ninja mingw-w64-x86_64-gnupg mingw-w64-x86_64-libarchive -``` - -After executing these commands, you will start compiling. - -```shell -$ cd GpgFrontend -$ mkdir build && cd build -$ cmake -G Ninja -DCMAKE_BUILD_TYPE="Release" .. -$ ninja -``` - -After compiling, a release directory will be generated, which contains executable files that can be run directly. - -```shell -$ ./artifacts/GpgFrontend.exe -``` - -### For macOS - -Install and compile dependencies. - -```shell -$ brew install cmake git autoconf automake qt@6 texinfo gettext [email protected] libarchive -$ brew install ninja -$ brew unlink gettext && brew link --force gettext -$ brew link qt@5 -``` - -Build the code separately for debug. - -```shell -$ cd GpgFrontend -$ mkdir build && cd build -$ cmake -G Ninja -DCMAKE_BUILD_TYPE="Debug" -DOPENSSL_ROOT_DIR=/usr/local/opt/[email protected] .. -$ ninja -$ ./artifacts/GpgFrontend # run the program -``` - -Build the code and make the App Bundle. - -```shell -$ cd GpgFrontend -$ mkdir build && cd build -$ cmake -G Ninja -DCMAKE_BUILD_TYPE="Release" -DOPENSSL_ROOT_DIR=/usr/local/opt/[email protected] .. -$ ninja -$ macdeployqt ./artifacts/GpgFrontend.app -``` - -### For Ubuntu 18.04 And Later - -Install and compile dependencies. - -```shell -$ sudo apt-get update -$ sudo apt-get -y install build-essential binutils git autoconf automake gcc-8 g++-8 ninja-build -$ sudo apt-get -y install gettext texinfo qt6-base-dev libqt6core5compat6-dev libgpgme-dev -$ sudo apt-get -y install libarchive-dev libssl-dev -$ sudo apt-get -y install gpg # If you need to run directly after building. -``` - -Compile and install libgpg-error/libassuan/gpgme. Notice: These component's version in third_party directory is -newer than those in apt. - -```shell -# libgpg-error -$ cd GpgFrontend -$ cd ./third_party/libgpg-error -$ ./autogen.sh -$ ./configure --enable-maintainer-mode && make -j$(nproc) -$ sudo make install -# libassuan -$ cd GpgFrontend -$ cd ./third_party/libassuan -$ ./autogen.sh -$ ./configure --enable-maintainer-mode && make -j$(nproc) -$ sudo make install -# gpgme -$ cd GpgFrontend -$ cd ./third_party/gpgme -$ ./autogen.sh -$ ./configure --enable-maintainer-mode --enable-languages=cpp && make -j$(nproc) -$ sudo make install -``` - -Build the code separately for debug(Please use ubuntu 18.04 or later). - -```shell -$ cd GpgFrontend -$ mkdir build && cd build -$ cmake -G Ninja -DCMAKE_BUILD_TYPE="Debug" .. -$ ninja -$ ./artifacts/GpgFrontend # run the program -``` - -Package the AppImage(Should use ubuntu 18.04). - -```shell -$ cd GpgFrontend -$ mkdir build && cd build -$ cmake -G Ninja -DCMAKE_BUILD_TYPE="Release" .. -$ ninja -$ mkdir ./AppImageOut -$ cd ./AppImageOut -$ wget -c -nv https://github.com/probonopd/linuxdeployqt/releases/download/continuous/linuxdeployqt-continuous-x86_64.AppImage -$ chmod u+x linuxdeployqt-continuous-x86_64.AppImage -$ ./linuxdeployqt-continuous-x86_64.AppImage ../artifacts/gpgfrontend/usr/share/applications/*.desktop -appimage -``` +You can view the developer documentations that is synchronized with the current +latest develop code. [Developer Document](https://doxygen.gpgfrontend.bktus.com) +will help you understand the source code and get involved more quickly in the +process of contributing to open source. ## Language Support If you find an error in any of the translations or need to add a new one, we welcome you to [join our translation -work](https://www.gpgfrontend.bktus.com/#/translate-interface). +work](https://www.gpgfrontend.bktus.com/#/contribute/translate-interface). ### Supported Languages -GpgFrontend currently supports a wide array of languages including: +GpgFrontend currently supports an array of languages including: - English - Chinese @@ -267,39 +78,18 @@ Please refer to [HERE](https://www.gpgfrontend.bktus.com/#/contract) for my cont Feel free to dive in! [Open an issue](https://github.com/saturneric/GpgFrontend/issues/new) or submit PRs if you prefer to use GitHub. For anonymous users, Git patches can be delivered by [mail](mailto:[email protected]). +[Contributing Guide](https://www.gpgfrontend.bktus.com/#/contribute/contribute) + ### Project Maintainer [@Saturneric](https://github.com/saturneric) ### Project's LOGO - + ## LICENSES GpgFrontend itself is licensed under the [GPLv3](COPYING). [](https://app.fossa.com/projects/git%2Bgithub.com%2Fsaturneric%2FGpgFrontend?ref=badge_large) - -### Dependencies and Acknowledgements - -GpgFrontend incorporates various libraries and binaries that come with their -unique licenses. For additional details or to obtain the source code, please -visit their respective homepages: - -- **GnuPG**: [https://gnupg.org](https://gnupg.org) -- **GPGME**: [https://gnupg.org/software/gpgme/index.html](https://gnupg.org/software/gpgme/index.html) -- **Qt (Open Source)**: [https://www.qt.io](https://www.qt.io) -- **MSYS2**: [https://www.msys2.org](https://www.msys2.org) -- **Mingw-w64**: [http://mingw-w64.org/doku.php](http://mingw-w64.org/doku.php) -- **AppImage**: [https://appimage.org](https://appimage.org) -- **macOS Application Bundles**: [Link](https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html#//apple_ref/doc/uid/10000123i-CH101-SW1) -- **libarchive**: [https://www.libarchive.org](https://www.libarchive.org) -- **spdlog**: [https://github.com/gabime/spdlog](https://github.com/gabime/spdlog) -- **mimalloc**: [https://github.com/microsoft/mimalloc](https://github.com/microsoft/mimalloc) -- **Qt-AES**: [https://github.com/bricke/Qt-AES](https://github.com/bricke/Qt-AES) - -The icons utilized in this software are sourced from [Alibaba -Iconfont](https://www.iconfont.cn/). This vector icon library is free of use, -isn't registered as a trademark, has no copyright issues, and can be -commercially utilized. diff --git a/manual/_coverpage.md b/manual/_coverpage.md index d68ca1fa..677bcd99 100644 --- a/manual/_coverpage.md +++ b/manual/_coverpage.md @@ -1,16 +1,10 @@ - - -# GpgFrontend - ---- - - - -[](https://www.codacy.com/gh/saturneric/GpgFrontend/dashboard?utm_source=github.com&utm_medium=referral&utm_content=saturneric/GpgFrontend&utm_campaign=Badge_Grade) +<img width="180" height="180" align="center" src="https://image.cdn.bktus.com/i/2024/02/24/67473f4d-6cac-e0e2-3d60-f3400528ad8d.webp" alt="GpgFropntend"/> - **A Free, Easy-to-Use, Cross-Platform [OpenPGP](https://www.openpgp.org/) Crypto Tool.** - **One of the excellent GUI Frontends for Modern [GnuPG](https://gnupg.org/).** +--- + ## Brief Introduction - Rapidly encrypt files or text. @@ -27,6 +21,6 @@ [Manual](overview.md) [Document](https://doxygen.gpgfrontend.bktus.com) -<!-- 背景色 --> +<!-- Background Color -->  diff --git a/manual/_sidebar.md b/manual/_sidebar.md index 25af0716..89a4f1e8 100644 --- a/manual/_sidebar.md +++ b/manual/_sidebar.md @@ -1,28 +1,30 @@ - Getting Start - - [Overview](overview.md) - - [Quick Start](quick-start.md) - - [Downloads](downloads.md) - - [Fundamental Concepts](basic-concepts.md) -- Manual - - [Understand Interface](manual/understand-interface.md) - - [Encrypt & Decrypt Text](manual/encrypt-decrypt-text.md) - - [Symmetric Encrypt & Decrypt Text](manual/symmetric-encrypt-decrypt-text.md) - - [Sign & Verify Text](manual/sign-verify-text.md) - - [Encrypt & Decrypt File](manual/encrypt-decrypt-file.md) - - [Sign & Verify File](manual/sign-verify-file.md) - - [Generate Key Pair & Subkey](manual/generate-key.md) - - [View Key Pair Details](manual/view-keypair-info.md) - - [Import & Export Key Pair](manual/import-export-key-pair.md) - - [Key Server Operations](manual/key-server-operations.md) + - [Overview](overview.md) + - [Quick Start](quick-start.md) + - [Downloads](downloads.md) + - [Concepts for Beginners](basic-concepts.md) +- Basic Guides + - [Understand Interface](basic/understand-interface.md) + - [Encrypt & Decrypt Text](basic/encrypt-decrypt-text.md) + - [Symmetric Encrypt & Decrypt](basic/symmetric-encrypt-decrypt.md) + - [Sign & Verify Text](basic/sign-verify-text.md) + - [Encrypt & Decrypt File](basic/encrypt-decrypt-file.md) + - [Sign & Verify File](basic/sign-verify-file.md) + - [Generate Key Pair & Subkey](basic/generate-key.md) + - [View Key Pair Details](basic/view-keypair-info.md) + - [Import & Export Key Pair](basic/import-export-key-pair.md) + - [Key Server Operations](basic/key-server-operations.md) + - [System Requirement](basic/system-requirement.md) - Features Guides - - [Introduce](features/introduce.md) - - [Short Cipher-text](features/short-ciphertext.md) - - [Sync ALL Public Key](features/sync-all-public-keys.md) - - Export As Key Package -- Contribute - - [Translate Interface](translate-interface.md) - - Contribute Code + - [Introduce](features/introduce.md) + - [Sync ALL Public Key](features/sync-all-public-keys.md) + - [Export As Key Package](features/key-package.md) +- Contributions + - [Contribute to Translate](contribute/translate-interface.md) + - [Contribute to Development](contribute/contribute.md) + - [Setting Up Development Environment](contribute/setup-dev-env.md) - About - - [FAQ](faq.md) - - [Code & Binary Verify](about/code-binary-verify.md) - - [Contract](contract.md) + - [FAQ](faq.md) + - [Code & Binary Verify](about/code-binary-verify.md) + - [Contact Information](contract.md) + - [Dependencies](manual/dependencies.md) diff --git a/manual/about/code-binary-verify.md b/manual/about/code-binary-verify.md index 57949af0..0bd42b88 100644 --- a/manual/about/code-binary-verify.md +++ b/manual/about/code-binary-verify.md @@ -1,70 +1,72 @@ # Code & Binary Verify -Some users of this software have relatively high requirements for security, so here are instructions on how to verify -whether the code and executable files have been tampered with.If you find that the signature is incorrect, please stop -using it immediately. +To enhance the security and integrity of software distribution, it's crucial for +developers and users alike to employ methods for verifying the authenticity and +integrity of code and executable files. The process outlined below aims to +fortify trust in software distribution by leveraging digital signatures and +secure, automated build processes. -## Code compilation +### Automated Build Process -When you see the document, every binary file version released on github is automatically compiled after submission using **Github Actions**. The generation of the final code is completely done by Github Actions. I will not compile the code on my local machine, but may use my machine to sign the packaged code. The code for all release versions comes from the main branch of the Github repository. +Our software leverages **GitHub Actions** for automated compilations, ensuring +that every binary file version released is directly compiled from the source +code stored in the GitHub repository's main branch. This approach guarantees +that the compilation process is transparent, replicable, and free from manual +interference. The exact commands and environment configurations used during the +compilation are documented within the project's `.github/workflow/release.yml` +file, allowing for full accountability and reproducibility. -All commands and environment configuration at compile time can be consulted in the project -code(`.github/workflow/release.yml`). +### Third-Party Library Assurance -## Introduction of third-party libraries +To uphold our commitment to security, we do not include GnuPG in our major +releases and strictly avoid insecure or proprietary third-party libraries. +Instead, we only utilize third-party libraries that are open-source and have +been compiled from publicly accessible code repositories. This practice ensures +that our software remains secure and trustworthy. -For safety reasons, GnuPG will not be available in the major releases of GpgFrontned. GpgFrontnend will not use insecure or non-open source third-party libraries. The compiled version of the third-party library comes from the public code repository. +### Code Verification -## Verify Code +We encourage users to review our code to ensure its integrity and security. The +code for all releases is available on our GitHub repository. For any inquiries +or concerns, please feel free to contact us directly. Most new git commits are +signed with a designated key, which is also used for Git operations: `Saturneric +<[email protected]>`. This commitment to transparency allows users to verify the +authenticity of our code easily. -If you have the need, interest or time, you are welcome to review the code that I use and write. When you have any -questions, please feel free to [Contact ME](../contract.md). +#### Key Fingerprint -I will sign most new git commit. The key I use is the key that I use to perform Git related operations: -Saturneric\<[email protected]\>. It will be given at the end of this description. For information about signing git commits, you -can see it on the github interface. - -The fingerprint of the key is now given: - -```text +``` E3379489C39B7270E70E2E303AAF1C64137CEE57 ``` -## Verify Release Binary Verify - -### ZIP package Sign - -Starting from version 1.0.5, I will use the Gpg key to sign the ZIP package that contains the binary executable file. -Each ZIP compressed package will be accompanied by a signature file in the Release (end with sig suffix). You can use -the gpg command tool to verify them before use. - -The key used for binary signature is Saturneric\<[email protected]\>. This is my official key and will be given below. +### Binary File Verification -The fingerprint of the key is now given: +From version 1.0.5 onwards, we sign our packages containing the binary +executable files with a GPG key to further ensure security. Each package is +accompanied by a signature file in the release section (with a `.sig` suffix), +allowing users to verify the package before use using standard GPG tools. -```text -E3379489C39B7270E70E2E303AAF1C64137CEE57 -``` - -## Check on About Interface +#### About Interface Verification -There is an About interface under the help option in the top menu.You can check the version and platform of this binary -file. More importantly, you can view the github repository branch and commit hash code corresponding to the source code -used for compilation of this binary version on the second line. +Our software includes an "About" interface accessible from the help menu, +providing users with information about the software version, platform, and the +specific GitHub repository branch and commit hash used for compiling the binary. +This feature adds an extra layer of transparency and verification for users. - +### Public Key for Verification -## Pubkey Mentioned Above +Below is the public key used for signing the commits and binary files, which can +be used to verify the authenticity of our releases: -#### Fingerprint +#### Key Fingerprint -```text +``` E3379489C39B7270E70E2E303AAF1C64137CEE57 ``` -#### Pubkey Content (OpenPGP) +#### Public Key (OpenPGP) -```text +``` -----BEGIN PGP PUBLIC KEY BLOCK----- mQGNBGCVnvEBDACuEcjxckb4rocHGU7VPT/OOOOZapNG/0ViB3XhmzNh7q8QJiq6 @@ -148,5 +150,9 @@ v3fSDNozRpd0LXK7J4QGwtOBVivNf7XDQOx5ZXbh/HTQuTG2/8FMCbwUwPYFLx07 hHHFn9+/wu20 =bgvm -----END PGP PUBLIC KEY BLOCK----- +``` -```
\ No newline at end of file +This comprehensive approach to security, including automated builds, careful +selection of third-party libraries, and transparent verification methods, +ensures that users can trust the software they are using while also providing +the tools needed to verify that trust independently. diff --git a/manual/basic-concepts.md b/manual/basic-concepts.md index 7e397d2a..03da79fa 100644 --- a/manual/basic-concepts.md +++ b/manual/basic-concepts.md @@ -1,53 +1,88 @@ -# Fundamental Concepts +# Fundamental Concepts for Beginners -If you're unfamiliar with GPG or PGP, it would be beneficial to learn some -fundamental concepts before using GpgFrontend. This can help prevent potential -mistakes, such as accidentally sharing your private key. +If you're new to GPG (GNU Privacy Guard) or PGP (Pretty Good Privacy), it's +essential to understand some key concepts before diving in. This knowledge can +help you avoid common pitfalls, such as accidentally sharing your private key, +and ensure your communications remain secure. -## Essential Concepts +## Key Concepts of GPG/PGP -Before you start using GPG, you need to generate a key pair, analogous to a key -ring. Each key pair comprises at least two keys: a public key and a -corresponding private key. It is possible for a key pair to contain multiple -public keys and their associated private keys, which we'll discuss later. +### Key Pair Basics -The public key can be shared with others, allowing them to encrypt data they -want to send you. Conversely, the private key should remain confidential since -its exposure can compromise your encryption. +In the world of GPG/PGP, everything starts with a key pair. Think of a key pair +like a set of two uniquely related keys on a key ring: -It's vital to understand that the public key is used for encryption, and the -ciphertext encrypted with your public key can only be decrypted using your key -pair's corresponding private key. This process is based on cryptographic -principles and is reliable unless your private key gets compromised. Similarly, -you can encrypt a message with your private key, and someone else can decrypt it -using your public key, establishing a signature verification mechanism. +- **Public Key**: This is like your home address that you can share with anyone. + Others will use it to send you encrypted messages or verify your digital + signature. +- **Private Key**: This is akin to the key to your house. It must be kept secret + because it can decrypt the messages sent to you or sign messages from you. -While understanding the underlying cryptography of GPG isn't necessary for most -users, remembering these basic principles can be beneficial. +#### Why Both Keys? -## Multiple Pairs of Public and Private Keys in a Key Pair +The magic of this system lies in its use of cryptographic algorithms. Data +encrypted with your public key can only be decrypted by your private key, and +vice versa. This ensures that only the intended recipient can read the message, +and it can verify the sender's identity if a signature is used. -A key pair always contains at least one public-private key pair, but there's no -maximum limit. It's possible to generate additional public and private subkeys -to add to the key pair. Each pair consists of one public key and one private -key, which we refer to as the primary key pair. +### Generating Your Key Pair -Users can specify the purpose of each subkey pair. For instance, the first pair -can be used for encryption and decryption, the second for signing and -verification, and so forth. It's important to define the intended usage when -generating subkeys. +Before you can start encrypting or signing anything, you need to generate your +key pair. This process involves choosing a cryptographic algorithm (like RSA or +DSA) and often setting a key size (with larger sizes being more secure but +slower). -The primary key is automatically generated when creating the key pair, and users -can add subkeys as needed. When generating the primary key or subkeys, users can -select algorithms such as RSA or DSA. +#### Safety First -## The First Pair of Public and Private Keys in a Key Pair (Primary Key) +When creating your key pair, you'll also be asked to enter a passphrase. This +adds an extra layer of security, as the passphrase will be needed to access your +private key. Choose a strong, memorable passphrase to protect your key. -The initial public-private key pair (primary key) in a key pair is crucial as -all subsequent subkeys are tied to it. If the primary key is compromised, they -could generate subkeys based on that information and impersonate the key owner. +### Understanding Subkeys -Therefore, it's crucial to keep the primary key's private key confidential, -while the public key can be shared. If the private key of the primary key is -compromised, it makes the entire key pair vulnerable and its use should be -immediately discontinued.
\ No newline at end of file +A GPG key pair doesn't have to be limited to just one public and one private +key. You can generate subkeys for specific purposes, such as: + +- **Encryption Subkey**: Used solely for encrypting and decrypting messages. +- **Signing Subkey**: Used for creating and verifying digital signatures. + +Subkeys are tied to your primary key pair but can be revoked or replaced +independently, which is useful if a subkey is compromised but your primary key +remains secure. + +### The Role of the Primary Key + +Your primary key pair is the foundation of your GPG identity. All subkeys are +associated with this primary pair. The primary key is typically used for +signing, to establish trust within the network, and to certify subkeys. + +#### Protect Your Primary Key + +If your primary private key is compromised, the entire security of your key ring +is at risk. Therefore, it's crucial to: + +- Keep your primary private key in a secure location. +- Use subkeys for day-to-day encryption and signing tasks. +- Consider using hardware security modules (HSMs) or smart cards to store keys + securely. + +## Best Practices for Beginners + +1. **Backup Your Keys**: Securely backup your private keys (especially the + primary one) in case of hardware failure or loss. +2. **Use Strong Passphrases**: Your key's security is only as good as your + passphrase. Use a long, complex passphrase that is difficult to guess. +3. **Regularly Update Your Keys**: Over time, cryptographic standards evolve. + Regularly review and update your keys and algorithms to ensure they remain + secure. +4. **Learn Key Management**: Practice importing, exporting, revoking, and + verifying keys. Good key management habits are crucial for maintaining your + security over time. +5. **Engage with the Community**: The GPG/PGP community is vast and supportive. + Join forums, read blogs, and participate in discussions to learn from + experienced users. + +By understanding these fundamental concepts and adhering to best practices, +you'll be well on your way to securely using GPG/PGP. Remember, the goal is to +protect your communications and identity in the digital world, and a solid grasp +of these basics is the first step.
\ No newline at end of file diff --git a/manual/basic/dependencies.md b/manual/basic/dependencies.md new file mode 100644 index 00000000..ac3ae52d --- /dev/null +++ b/manual/basic/dependencies.md @@ -0,0 +1,21 @@ +# Dependencies and Acknowledgements + +GpgFrontend incorporates various libraries and binaries that come with their +unique licenses. For additional details or to obtain the source code, please +visit their respective homepages: + +- **GnuPG**: [https://gnupg.org](https://gnupg.org) +- **GPGME**: [https://gnupg.org/software/gpgme/index.html](https://gnupg.org/software/gpgme/index.html) +- **Qt (Open Source)**: [https://www.qt.io](https://www.qt.io) +- **MSYS2**: [https://www.msys2.org](https://www.msys2.org) +- **Mingw-w64**: [http://mingw-w64.org/doku.php](http://mingw-w64.org/doku.php) +- **AppImage**: [https://appimage.org](https://appimage.org) +- **macOS Application Bundles**: [Link](https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html#//apple_ref/doc/uid/10000123i-CH101-SW1) +- **libarchive**: [https://www.libarchive.org](https://www.libarchive.org) +- **spdlog**: [https://github.com/gabime/spdlog](https://github.com/gabime/spdlog) +- **mimalloc**: [https://github.com/microsoft/mimalloc](https://github.com/microsoft/mimalloc) +- **Qt-AES**: [https://github.com/bricke/Qt-AES](https://github.com/bricke/Qt-AES) + +The icons utilized in this software are sourced from [Alibaba Iconfont](https://www.iconfont.cn/). +This vector icon library is free of use, isn't registered as a trademark, has no +copyright issues, and can be commercially utilized. diff --git a/manual/manual/encrypt-decrypt-file.md b/manual/basic/encrypt-decrypt-file.md index 0f99e432..77e66194 100644 --- a/manual/manual/encrypt-decrypt-file.md +++ b/manual/basic/encrypt-decrypt-file.md @@ -21,9 +21,11 @@ the program's settings. ## File Browser From the top menu's "File" option, you can access the file browser by pressing -Ctrl/Command + B. By using the file browser, you can navigate to your working -directory and right-click on the file you wish to work with. This will open a -pop-up menu, where you can select the operation you want to perform on the file. +Ctrl/Command + B. After choosing target directory at system navigator, you +can then use the file browser tab to do some operations on files. By using the +file browser, you can navigate to your working directory and right-click on the +file you wish to work with. This will open a pop-up menu, where you can select +the operation you want to perform on the file.  diff --git a/manual/manual/encrypt-decrypt-text.md b/manual/basic/encrypt-decrypt-text.md index 0e28122e..14074d07 100644 --- a/manual/manual/encrypt-decrypt-text.md +++ b/manual/basic/encrypt-decrypt-text.md @@ -1,9 +1,57 @@ # Encrypt & Decrypt Text -To begin encryption and decryption operations, you must first prepare your plain -text. Additionally, you will need a public key that is capable of performing -encryption operations. Information on how to generate such a key can be found in -the chapter on generating a key pair. +The processes of encryption and decryption are fundamental to ensuring the +privacy and security of digital communications. GpgFrontend, a graphical +interface for GnuPG, simplifies these operations, making it accessible for users +to securely encrypt and decrypt text. Before diving into the specifics of how +GpgFrontend facilitates these operations, it's essential to understand the +underlying concepts and the prerequisites for encryption and decryption. + +Encryption is the process of converting plain text into a scrambled format known +as ciphertext, which is unreadable to anyone except those who possess the +correct key to decrypt it. This transformation is done using an encryption +algorithm and a key. In the context of GpgFrontend and most modern encryption +practices, this key is the recipient's public key. A public key is part of a key +pair that includes a private key; together, they are used in asymmetric +encryption, a cornerstone of modern cryptography. + +To initiate encryption with GpgFrontend, the sender must first have access to +the recipient's public key. This key is used to encrypt the message, ensuring +that only the recipient, who holds the corresponding private key, can decrypt +and read the message. The public key can encrypt messages, but cannot decrypt +them. This is a crucial aspect of asymmetric cryptography: it allows anyone to +send encrypted messages to the key owner without being able to decrypt messages +encrypted with that same public key. + +Generating a key pair is the first step in being able to engage in these secure +communications. This process usually involves choosing a key type and size, with +larger keys offering higher security. Once generated, the key pair consists of a +private key, which must be kept secure and confidential, and a public key, which +can be shared with anyone who wishes to send you encrypted messages. + +Decrypting a message with GpgFrontend requires the private key corresponding to +the public key used for encryption. Upon receiving an encrypted message, the +recipient uses their private key with GpgFrontend to decrypt the ciphertext back +into readable plain text. This decryption process is secure because the private +key is never shared, and it is computationally infeasible for an attacker to +derive the private key from the public key or the encrypted message. + +GpgFrontend streamlines these operations, providing a user-friendly interface +that abstracts the complexities of cryptographic operations. Users can easily +import public keys, encrypt messages or files for specific recipients, and +decrypt incoming messages or files using their private keys. This makes +GpgFrontend an invaluable tool for anyone needing to secure their digital +communications, from sensitive personal correspondence to confidential business +communications. + +In summary, encryption and decryption with GpgFrontend rely on the foundational +principles of asymmetric cryptography, where a public key is used for +encryption, and a corresponding private key is used for decryption. Before +engaging in these operations, users must generate a key pair and share their +public key with those from whom they wish to receive encrypted messages. This +setup ensures that only intended recipients can read the contents of encrypted +communications, providing a robust framework for privacy and security in the +digital age. ## Encrypt @@ -12,20 +60,6 @@ key. Remember that whoever you want to send it to encrypts it with whose public key. For people who don't use gpg very often, they often get confused and use their own keys to encrypt ciphertext. -Note that if you want to encrypt your text and send it to "foo", you need to -know foo's public key first. Then you need to encrypt your text with foo's -public key instead of using your public key. Before encrypting, check to see if -the public key has cryptographic capabilities. This can be viewed in the usage -column of the key toolbox (the letter E stands for encryption). - -It is worth mentioning that if you only use foo's public key to encrypt the -ciphertext, no one but foo's own private key can decrypt the ciphertext. There -is a situation where you want ciphertexts to be decrypted by multiple people ( -including yourself), please check their corresponding public keys before doing -so. After an encryption operation, if you misuse (some people's public keys are -found to be missing), you can use the undo operation to restore your original -ciphertext before closing GpgFrontend. - ### Only Encrypt In this case, you only encrypt the ciphertext, which results in a shorter @@ -37,7 +71,7 @@ After the encryption operation, no additional information will be displayed in the information board except for a prompt indicating whether the operation was successful. - + ### Encrypt Sign @@ -63,8 +97,7 @@ The ciphertext generated by this operation is longer than ciphertext generated by only encryption because of the additional signature information attached to it. After the operation is complete, information about the cryptographic and signature operations will be displayed in the Infomation Board, including -information about the signature pattern and algorithm used. Note that the dates -used in the signature messages are in UTC, not your local time. +information about the signature pattern and algorithm used. To verify the authenticity of the ciphertext before decryption, you can use the validate operation. Once the ciphertext is verified, you can proceed with @@ -79,7 +112,7 @@ into GpgFrontend, and it will automatically select the appropriate private key for decryption. It is important to note that decryption must be performed with the private key associated with the public key used for encryption. - + When decrypting a ciphertext, it is not necessary to check the usage column in the key toolbox to determine if the key is valid for decryption. Instead, you @@ -91,13 +124,13 @@ failure message. ## Decrypt Verify -During decryption with verification, GPG will check the signature attached to +During decryption with verification, gpg will check the signature attached to the ciphertext to ensure its authenticity. This provides an additional layer of security and helps to prevent tampering with the encrypted message. To perform decryption with verification, you need to select a file with a ".gpg" or ".asc" extension, which contains the ciphertext and signature content. If the -signature is valid, GPG will decrypt the message and display it in plain text. +signature is valid, gpg will decrypt the message and display it in plain text. Otherwise, it will display an error message indicating that the signature is not valid. @@ -108,4 +141,4 @@ always verify the signature during decryption, regardless of whether the encryptor has signed in advance. This helps to ensure the authenticity and integrity of the decrypted message. - + diff --git a/manual/manual/generate-key.md b/manual/basic/generate-key.md index 833d080a..29d52ca5 100644 --- a/manual/manual/generate-key.md +++ b/manual/basic/generate-key.md @@ -6,7 +6,7 @@ To generate a key pair using GpgFrontend, follow these steps: 1. Open GpgFrontend and click on the "Generate Key" button. 2. Fill in the required information, such as your name and email address. -3. Choose the type of key you want to generate (RSA or ECC). +3. Choose the type of key you want to generate (RSA, DSA or ECC). 4. Set the key size and expiration date, if desired. 5. Create a passphrase to protect your private key. 6. Click "Generate" to create your key pair. @@ -116,35 +116,88 @@ It is possible to append subkeys to an existing key pair. The subkey does not require the input of a name, email, or comment, as the remaining steps are essentially identical to those for generating a key pair. - + ### Extra note Below are some guidelines that may prove useful in comprehending the aforementioned concepts and utilizing this tool accurately. -#### primary key & Subkey - -A single primary key can be accompanied by several subkeys within a key pair. -This setup mitigates the risk of key leakage. In the event that a subkey is -exposed, it can be revoked promptly, thus limiting the damage. However, if the -primary key is leaked, the entire key pair becomes vulnerable, as the primary -key enables management of the entire key pair. - -Hence, it is advisable to generate multiple subkeys upon creating the key pair -and store the master key separately in a secure location. This operation is not -yet supported by GpgFrontend; therefore, the gpg command must be used to carry -it out. However, GpgFrontend can detect and notify the user whether the primary -key exists or not, which is critical since certain actions, such as adding -subkeys or signing other keys, necessitate the presence of the primary key. - -#### Some practical tips - -Once generated, the primary key's intended purpose cannot be altered. However, -if a subkey has been designated for a specific purpose that the primary key -lacks, the key pair can still be utilized for activities related to that -purpose. - -For instance, suppose you overlooked the encryption usage while creating the key -pair. In that case, generating a subkey and configuring it for encryption usage -would enable the key pair to perform encryption operations. +#### Understanding Primary Keys and Subkeys + +In the realm of cryptography, key management plays a crucial role in ensuring +data security. A key pair consists of a primary key and one or more subkeys, +each serving distinct functions yet working together to secure and manage +digital identities and communications. This structure not only enhances security +but also provides flexibility in key usage and management. + +#### The Role of Primary Key and Subkeys + +- **Primary Key**: The primary key is the cornerstone of your cryptographic + identity. It is used for identity verification, which includes signing other + keys to establish trust. The primary key's signature on a subkey validates the + subkey's association with the identity of the primary key holder. + +- **Subkeys**: Subkeys are associated with the primary key and are used for + encryption and signing documents or messages. Subkeys can be thought of as + extensions of the primary key, each designated for specific tasks. This + separation of duties allows for greater security and operational flexibility. + For example, you can have separate subkeys for signing and encryption. + +#### Advantages of Using Subkeys + +1. **Enhanced Security**: By using subkeys for day-to-day operations, you + minimize the risk associated with key exposure. If a subkey is compromised, + it can be revoked without affecting the primary key or other subkeys, thereby + limiting the potential damage. + +2. **Operational Flexibility**: Subkeys allow for specific roles (e.g., signing, + encryption) to be isolated. This means you can renew or revoke subkeys as + needed without disrupting the overall cryptographic setup. + +3. **Convenient Key Rotation**: Regularly updating keys is a best practice in + cryptography. Subkeys make it easier to rotate keys for signing and + encryption without needing to re-establish the primary key's trust + relationships. + +#### Managing Primary Keys and Subkeys + +- **Secure Storage**: The primary key should be stored in a highly secure + location, preferably offline or in a hardware security module (HSM), to + prevent unauthorized access. This is because the loss or compromise of the + primary key jeopardizes the entire cryptographic framework. + +- **Key Generation and Maintenance**: While tools like GpgFrontend provide + user-friendly interfaces for managing keys, they may lack support for advanced + operations like generating multiple subkeys. Therefore, using the command-line + `gpg` tool for such tasks is advisable. Despite this limitation, GpgFrontend + can play a critical role in monitoring the presence of the primary key, which + is essential for certain operations like adding subkeys or signing other keys. + +- **Revocation and Renewal**: Prepare revocation certificates for your primary + key and subkeys in advance. In case of key compromise or expiration, these + certificates allow you to invalidate the keys, informing others in your trust + network not to use them anymore. + +#### Practical Tips for Effective Key Management + +- **Purpose-Specific Subkeys**: If your primary key was not generated with + certain capabilities (e.g., encryption), you can create a subkey with the + required functionality. This allows the key pair to be used for the intended + cryptographic operations without regenerating the primary key. + +- **Multiple Subkeys for Different Devices**: For users operating across + multiple devices, generating separate subkeys for each device can enhance + security. If one device is compromised, only the subkey on that device needs + to be revoked, leaving the others unaffected. + +- **Backup and Recovery**: Regularly back up your key pair, including the + primary key and all subkeys. Secure backups ensure that you can recover your + cryptographic capabilities even in the event of hardware failure or data loss. + +In summary, understanding and implementing a robust key management strategy, +with a clear distinction between primary keys and subkeys, is essential for +maintaining the integrity and security of cryptographic operations. By adhering +to best practices for key usage, storage, and renewal, users can safeguard their +digital identities and ensure the confidentiality and authenticity of their +communications. diff --git a/manual/manual/import-export-key-pair.md b/manual/basic/import-export-key-pair.md index a8d5d2d6..d98dc23e 100644 --- a/manual/manual/import-export-key-pair.md +++ b/manual/basic/import-export-key-pair.md @@ -9,13 +9,13 @@ To access the import options, navigate to the toolbar and select the desired method based on your specific requirements. Additionally, you can access additional options by selecting the action menu in the key management section. - + In fact, you can find the action menu in the key management section, which provides access to additional key management options beyond those available in the toolbar. - + ### File @@ -32,7 +32,7 @@ GpgFrontend will automatically recognize and import the corresponding key. You can copy the contents of a key to your system clipboard and then select this option to import the corresponding key. -### Keyserver +### Key server This feature enables users to search for and import public keys from a key server. Users must first enter the email or ID associated with the desired key @@ -80,7 +80,7 @@ shown in the screenshot below. This will save the data to a file. Before proceeding, please make sure to choose a suitable directory to store the file containing the public key data. - + ### Export multiple public keys at once @@ -89,7 +89,7 @@ pairs on the key management interface and click on the "Export to Clipboard" option. This will copy the data to your system clipboard, which you can then paste into any application or file. - + ### Export Private Key @@ -98,7 +98,7 @@ contains the private key (either the primary key or subkey). From there, you can select a destination and GpgFrontend will export the corresponding private key content to that location. - + Exporting the private key also exports both the public key and private key data, as the private key data alone is meaningless without the corresponding public @@ -111,8 +111,3 @@ You can export the private key data in your key pair in two ways. 1. Full export: Include all key data and UID and UID signature in the key pair. 2. Minimal export: Only all key data in the key pair is included. - -### Securely export and transfer as a Key Package - -To securely transfer private key or public key data of multiple key pairs -between your PC devices, you can package them into a Key Package.
\ No newline at end of file diff --git a/manual/manual/key-server-operations.md b/manual/basic/key-server-operations.md index baef6563..ed4cf409 100644 --- a/manual/manual/key-server-operations.md +++ b/manual/basic/key-server-operations.md @@ -1,41 +1,70 @@ # Key Server Operations -There are certain scenarios where you require encrypted communication but only -have the recipient's email address and do not possess the recipient's public -key. Additionally, in the event that your key has been inadvertently exposed, it -becomes necessary to notify the holders of your public key to discontinue its -use for sending encrypted information. In such cases, the key server can be -utilized to facilitate key information sharing. You can upload your public key -information to the key server, or search and retrieve the required public key -using email addresses or key IDs. - -Upon uploading your public key information to the key server, it is transmitted -across key servers globally, making it accessible to individuals worldwide. -GpgFrontend features key server interaction capabilities, which enable users to -rapidly share their public key, search for and import required public keys using -mouse operations. It is essential to note that once public key information is -uploaded to the key server, it cannot be deleted and will be retained -indefinitely. However, the public key of the old key pair can be overwritten by -updating when a subkey is added to the key pair. +Key servers play a pivotal role in the ecosystem of encrypted communication, +serving as a centralized repository for public key information. These servers +enable individuals to share and retrieve public keys necessary for encrypted +messaging, even when direct exchange is not feasible. Key servers are +particularly useful in scenarios where secure communication needs to be +established without prior direct contact, or when a user's public key needs to +be widely distributed or updated due to security concerns. + +When you wish to send an encrypted message but lack the recipient's public key, +key servers offer a solution by allowing you to search for and retrieve the +public key associated with the recipient's email address or key ID. This process +facilitates the encryption of messages in a way that ensures only the intended +recipient, who possesses the corresponding private key, can decrypt and read the +message. + +Moreover, key servers are integral to maintaining the integrity and +trustworthiness of the public key infrastructure. If a user's private key is +compromised, it is crucial to inform others not to use the associated public key +for encrypting messages anymore. By uploading a new public key to a key server +and marking the old one as obsolete or compromised, users can mitigate the risks +associated with the exposure of their private key. + +The functionality of key servers is enhanced by software tools such as +GpgFrontend, which simplifies the process of managing public keys. With +GpgFrontend, users can effortlessly upload their public key to key servers, +search for other users' public keys using an email address or key ID, and import +these keys for use in encrypted communication. The software's user-friendly +interface enables these operations to be performed with just a few mouse clicks, +making encrypted communication more accessible to a broader audience. + +It is important to note that once public key information is uploaded to a key +server, it is propagated across a network of key servers worldwide, making it +available to anyone who searches for it. This wide distribution ensures that +encrypted communication can be established easily across different platforms and +geographical locations. However, users should be aware that public keys uploaded +to key servers cannot be deleted, emphasizing the importance of careful key +management. In situations where a key needs to be updated, such as when adding a +subkey to a key pair, the new key information can overwrite the old one on the +server, thus maintaining the security and relevance of the key information +available to the public. + +In summary, key servers are essential for the secure and efficient exchange of +encrypted messages, offering a reliable method for sharing and retrieving public +keys. They support the integrity of secure communications by facilitating the +widespread distribution of public keys and enabling users to update or replace +keys when necessary. ## Import Public Key From Key Server In the main page or in the key manager's Import key operation mode, there is a key server option. After selecting this option you can see such an interface. - + You can get a list of public keys associated with a key server by searching for Key ID, fingerprint or email address via the search box. If there is a suitable public key in the list, you can import it by double-clicking it. - + When the import is complete, you can check whether the public key is actually imported through the pop-up window (no need to import when the local public key is newer), and you can also check some brief information about the public key. - + It is important to note that the public key you import may have expired or been revoked. You can check the status of the key by navigating to the category tab @@ -45,7 +74,7 @@ the public key information from. To modify or add to this list of candidate servers, please refer to the last section of this document: Key server related settings. -## Export My Public Key To The Keyserver +## Export My Public Key To The Key Server If the current key pair has a master key, you have the option to publish the public key information to a key server. It is important to note that in order to @@ -58,7 +87,7 @@ and the function being performed. You can find the entry of this operation through the operation tab of the key pair detail interface, as shown in the following figure. - + Perform the operation by clicking Upload key pair to key server. Note that the naming of operations here is a bit confusing, but this is where your public key @@ -74,15 +103,13 @@ one). As above, you can find this action in the Actions tab of the key pair details screen, as shown in the image below. -### Extra Information - -Gpg Frontend will upload the public key information to the default key server +GpgFrontend will upload the public key information to the default key server you set. The private key information is not uploaded and should not be manually uploaded anywhere by the user. Refer to the last section of this document on how to set the default key server. - + The "Synchronize key pair with key server" function allows for automatic retrieval of public key information from the key server, which is then compared @@ -112,7 +139,7 @@ by accessing the Settings interface and navigating to the Key Servers tab. Here, you will find options for managing your key server candidate list and determining which key server is set as the default. - + To add a candidate key server to the list, simply enter the http or https address of the key server you wish to add into the input box and click "Add". It @@ -134,4 +161,4 @@ steps. First, locate the candidate key server you want to set as the default in the table. Then, right-click the row of the corresponding key server, and click "Set as Default" in the pop-up menu. Once set, you can verify whether a candidate key server is the default key server by checking the first column of -the table.
\ No newline at end of file +the table. diff --git a/manual/basic/sign-verify-file.md b/manual/basic/sign-verify-file.md new file mode 100755 index 00000000..91d10093 --- /dev/null +++ b/manual/basic/sign-verify-file.md @@ -0,0 +1,101 @@ +# Signing & Verifying Files + +GpgFrontend extends its utility from handling text-based operations to +facilitating file operations with ease and security. The principle behind +signing and verifying files mirrors that of text, leveraging the robust +framework of digital signatures. However, a significant distinction lies in the +nature of the input and output for file operations, which can be binary, +accommodating a wider range of file types beyond simple text documents. + +When signing a file using GpgFrontend, the software utilizes the private key of +the user to create a digital signature. This process begins by computing a hash +of the file's contents, regardless of whether the file is a document, image, +executable, or any other binary format. This hash serves as a compact +representation of the file's data. Subsequently, the hash is encrypted with the +user's private key, producing a digital signature unique to both the file and +the key used. The resulting signature can either be attached to the file or +stored separately, depending on the user's preference and the requirements of +the application. + +Verifying a signed file with GpgFrontend involves the corresponding public key +of the private key that was used for signing. The verification process decrypts +the digital signature using this public key to extract the original hash value +that was generated during the signing. Simultaneously, the software computes a +new hash from the file that is purported to be authentic. By comparing these two +hash values, GpgFrontend can determine if the file has been altered after it was +signed. If the hashes match, it confirms the file's integrity and authenticity, +assuring the recipient of its untampered state and the signer's identity. + +This binary capability of file operations in GpgFrontend not only broadens the +scope of digital signatures to encompass a variety of file types but also +ensures that the integrity and authenticity verification process is not limited +to text-based data. It provides a critical layer of security in digital +communications, where files of all kinds are shared and exchanged with the +expectation of privacy and trust. + +The application of digital signatures to files through tools like GpgFrontend is +especially relevant in scenarios where the authenticity of the file source and +the integrity of its contents are paramount. This includes software +distribution, where verifying the source and integrity of software packages is +crucial to prevent malware distribution; document sharing in legal and financial +contexts, where tampering could have serious implications; and multimedia +content distribution, where copyright and ownership are significant concerns. + +In summary, GpgFrontend's support for signing and verifying files elevates the +security of digital file exchanges by applying the principles of cryptography in +a user-friendly manner. By accommodating binary file operations, it ensures that +digital signatures are accessible and applicable across a broad spectrum of file +types, reinforcing the pillars of trust and security in digital communications. + +## Introduction to File Extensions + +For ASCII-formatted ciphertext, the filename suffix is usually "asc", and these +files can be opened directly with a text editor. However, if the ciphertext is +binary, its file extension will be "sig" or "gpg". Typically, binary ciphertext +files are smaller than ASCII-formatted ones. + +Prior to v2.0.4, the ciphertext files generated by GpgFrontend were all in ASCII +format. But starting with v2.0.4, GpgFrontend defaults to generating +binary-formatted ciphertext files. You can modify this setting in the settings. + + + +## File Browser + +You can open the file browser (Ctrl/Command + B) via the top menu file option. +After selecting a target directory at system navigator, you can get a new File +browser tab. Using the file browser, navigate to your working directory. Then, +right-click the file you wish to operate on, and select the desired operation +from the pop-up menu. + + + +Two control buttons are located at the top of the file tab. The one on the left +allows you to go up a level, and the one on the right enables you to enter or +refresh the corresponding path in the input box on the left. + +On the far right is a button offering useful options, such as displaying system +files or hidden files. + + + +### Sign + +Through the right-click menu, you can rapidly sign a file. This operation will +generate a file with a "sig" or "asc" suffix, which contains the signature +content. In this scenario, you need to pass both this file and the original file +to the other party to allow them to verify it. + + + +### Verify + +This operation requires you to select a file with a "gpg" suffix (this may be +invalid for binary file ciphertext) or a file with a "sig" suffix for +verification. + +When selecting a file with the "sig" suffix, ensure that the source file is also +present in this directory. This implies that the source file's name is simply +missing a "sig" suffix. + + diff --git a/manual/basic/sign-verify-text.md b/manual/basic/sign-verify-text.md new file mode 100644 index 00000000..594942d1 --- /dev/null +++ b/manual/basic/sign-verify-text.md @@ -0,0 +1,102 @@ +# Signing & Verifying Text + +Digital signatures, much like their analog counterparts, serve as a method for +asserting the authenticity and integrity of a digital document or message. +However, unlike traditional signatures, digital signatures offer a much higher +level of security, making it possible to ascertain not only the identity of the +signer but also whether the content has been tampered with since it was signed. + +The foundation of digital signing and verification lies in the field of public +key cryptography, a cornerstone of modern secure communication. This system +relies on two keys: a private key, which is kept secret by the owner, and a +public key, which can be shared with anyone. To sign a document, the signer uses +their private key to generate a digital signature on the document. This +signature is unique to both the document and the private key, ensuring that any +changes made to the document after it has been signed can be detected. + +Verification, on the other hand, requires the corresponding public key. When a +document is received along with its digital signature, the recipient can use the +signer's public key to verify the signature. This process checks that the +signature matches the document and was created with the private key +corresponding to the public key. If the document has been altered after signing, +the verification will fail, alerting the recipient to the tampering. + +One of the advantages of digital signatures is the ability to use multiple +private keys for signing a document, similar to having a document signed by +multiple parties. Each signer uses their private key to sign the document, and +each signature can be independently verified with the corresponding public key. +This method is particularly useful in scenarios requiring the approval or +authorization of multiple entities. + +Digital signatures are a critical component of secure communications, providing +assurances of authenticity, integrity, and non-repudiation. Non-repudiation +means that a signer cannot later deny the authenticity of the signature on a +document they signed. This is especially important in legal, financial, and +sensitive communications, where trust and authenticity are paramount. + +Tools like GpgFrontend facilitate the process of creating and verifying digital +signatures in a user-friendly manner. GpgFrontend is built on top of the OpenPGP +standard, which is a widely accepted protocol for encryption and digital +signatures. The tool allows users to easily manage their encryption keys, sign +documents, and verify the signatures of received documents, thereby enhancing +the security and trustworthiness of digital communications. + +In summary, digital signing and verification through tools like GpgFrontend +leverage public key cryptography to ensure the security and integrity of digital +communications. By enabling users to sign documents with their private keys and +allowing others to verify those signatures with corresponding public keys, +digital signatures provide a robust mechanism for authenticating the origin and +integrity of digital documents, far surpassing the capabilities of traditional +handwritten signatures. + +## Signature Only + +By signing the text, you establish that you are the sole and unalterable +authority for this text. You can simply sign the text without encrypting it as +follows: + + + +To check whether a key can be used for signing, please review the 'Usage' column +in the key toolbox on the right (the letter 'S' stands for signature). + +## Signature with Encryption + +You also have the option to sign and encrypt at the same time by choosing a +public key for encryption and your private key for signing. This is a common +practice where you select two key pairs: one belonging to someone else for +encryption, and your private key for signing. If you don't select a key for +signing, only encryption is possible, but you will receive a warning. It's worth +noting that combining signing with encryption provides an additional layer of +security as it assures the recipient that the message hasn't been altered and it +came from the sender whose identity is verified by the digital signature. + + + +## Verification + +Once you have a plaintext and its corresponding signature, you can verify the +signature using the signer's public key. However, this type of signature isn't +suitable for emails as it can make the email less readable. + + + +To verify a signature with text, you need to have the corresponding public key +for all included signatures. If a suitable public key for a signature isn't +found locally during verification, GpgFrontend will prompt you to import it. + + + +## Verification with Decryption + +When decrypting a ciphertext, it's advised to verify it simultaneously, +regardless of whether the encryptor signed it or not. It's impossible to +determine from the ciphertext's format if it has been signed. Therefore, it's a +good habit to always perform decryption operations with verification whenever +possible. + + diff --git a/manual/basic/symmetric-encrypt-decrypt.md b/manual/basic/symmetric-encrypt-decrypt.md new file mode 100644 index 00000000..7436fd02 --- /dev/null +++ b/manual/basic/symmetric-encrypt-decrypt.md @@ -0,0 +1,60 @@ +# Symmetric Encryption & Decryption of Text & File + +## About Symmetric Encryption & Decryption + +Symmetric encryption, in contrast to asymmetric encryption, uses a single key +for both the encryption of plaintext and the decryption of ciphertext. This +method is characterized by its simplicity and speed, making it a popular choice +for encrypting large volumes of data or for scenarios where the sharing of keys +between the sender and receiver can be securely managed. GpgFrontend provides a +user-friendly interface for implementing symmetric encryption, streamlining the +process for users who may not be familiar with the intricacies of cryptographic +operations. + +The process of symmetric encryption with GpgFrontend begins when a user opts to +encrypt data without selecting a recipient's public key from the Key Toolbox. +This action signals the software to use symmetric encryption for the task at +hand. At this point, the user is prompted to create a password. This password +acts as the encryption key, transforming the plaintext into ciphertext through a +cryptographic algorithm. It's crucial that this password is strong and unique, +as the security of the encrypted data directly depends on the password's +complexity and unpredictability. + +Once the password is established, GpgFrontend proceeds to encrypt the data. The +resulting ciphertext can only be decrypted with the exact password used for its +encryption. This means that anyone who wishes to access the encrypted data must +know the password, highlighting the importance of securely sharing this password +between the sender and receiver. + +Decrypting symmetrically encrypted data with GpgFrontend requires the same +password used during the encryption phase. When the 'Decrypt' function is +initiated, the software prompts the user to enter the password. Upon successful +authentication with the correct password, the software decrypts the ciphertext +back into readable plaintext. This decryption process, like encryption, is +straightforward and efficient, but the security of the data relies entirely on +the password's confidentiality. + +Symmetric encryption is particularly useful in scenarios where encrypted data +needs to be stored securely or transmitted over a secure channel, and where the +overhead of managing public and private keys is not desirable. However, the +challenge of securely exchanging the password between the sender and receiver +cannot be understated. If this password is intercepted or guessed by an +unauthorized party, the encrypted data's security is compromised. + +In summary, GpgFrontend's support for symmetric encryption provides a powerful +tool for users needing to secure their data with a password. This method is +distinguished by its reliance on a single password for both encryption and +decryption, offering a balance between simplicity and security. Users must +exercise caution in creating a strong password and ensure its secure exchange to +maintain the confidentiality and integrity of their encrypted data. Symmetric +encryption with GpgFrontend is a testament to the versatility of cryptographic +practices, catering to a wide range of security needs with user-friendly +solutions. + +## How to use it? + +Symmetric encryption is initiated when you click the 'Encrypt' button without +selecting any key in the Key Toolbox. For this type of encryption, a password +must be established for the encryption process. Subsequently, to decrypt the +data, you will need to provide the same password that was used during the +encryption phase. diff --git a/manual/basic/system-requirement.md b/manual/basic/system-requirement.md new file mode 100644 index 00000000..ec90e15c --- /dev/null +++ b/manual/basic/system-requirement.md @@ -0,0 +1,70 @@ +# System Requirement + +Before proceeding with the installation and usage of GpgFrontend, it's crucial +to understand the system requirements that ensure optimal performance. This +section provides comprehensive details about the necessary software +dependencies, hardware specifications, and the compatible operating systems. +Meeting these requirements will ensure a smooth, efficient experience while +using GpgFrontend. + +Please read the following subsections carefully to confirm that your system +aligns with the recommended configurations. + +## Hardware + +While the specific hardware requirements largely depend on the size and +complexity of the data you're working with, we generally recommend: + +A computer with at least 1 GB of RAM. However, 2 GB or more is preferable for +smoother performance. The majority of these resources are allocated to your +operating system, but around 100 MB of memory is needed to ensure the smooth +running of GpgFrontend. At least 200 MB of free disk space for software +installation. Additional space will be needed for ongoing work. + +Please note, these requirements are intended to be guidelines rather than strict +rules. It's possible that GpgFrontend will work on lower-spec hardware, but for +optimal performance, the above specifications are recommended. + +## Operating System + +GpgFrontend is compatible with major operating systems including Linux, macOS, +and Windows. Specifically, it recommends Windows 7 and later, macOS 11 and +later, and Ubuntu 20.04 LTS or other equivalent Linux distributions. + +## Software + +To ensure GpgFrontend functions seamlessly, it relies on the following software +dependencies: + +- **Qt Framework:** GpgFrontend is developed using the Qt framework to offer a + rich user experience and cross-platform compatibility. The application + includes: + + - **Qt6:** The primary build utilizes Qt6, ensuring a modern interface and + robust performance. Qt6 is included in the release packages for Linux, + macOS, and Windows, offering straightforward setup without additional + installations. + - **Qt5 Support for Windows:** Recognizing the need to accommodate users on + older versions of Windows, GpgFrontend also provides a Qt5-based version. + This variant ensures compatibility with earlier Windows environments, + extending the tool's accessibility and usability. + +- **GnuPG 2.2.0 or Higher:** GpgFrontend integrates with GnuPG for its + cryptographic operations, including encryption, decryption, and digital + signing. GnuPG (version 2.2.0 or newer) is a necessary component to leverage + the full capabilities of GpgFrontend. Please note, GnuPG 1.x versions are not + supported by GpgFrontend due to differences in functionality and support. + Users are encouraged to use GnuPG 2.x to ensure compatibility and secure + operations. + +By catering to a wide range of operating systems and ensuring backward +compatibility with older Windows versions through Qt5 support, GpgFrontend +strives to be as inclusive and accessible as possible. + +## Network + +Although not necessary for basic operation, an active Internet connection may be +required for software updates and accessing online help resources. + +Please note that these are the minimal requirements that we tested, and actual +requirements for your use case could be higher, especially for large datasets. diff --git a/manual/manual/understand-interface.md b/manual/basic/understand-interface.md index 495d9bc5..75ca7ecb 100644 --- a/manual/manual/understand-interface.md +++ b/manual/basic/understand-interface.md @@ -129,6 +129,7 @@ step. - **Type**: This column informs you about the key type and whether the primary key exists in your key pair. + - `pub` signifies that it is a public key, which can be used for encryption or verification operations. - `pub/sec` indicates that the key pair contains both public and private keys. diff --git a/manual/manual/view-keypair-info.md b/manual/basic/view-keypair-info.md index 7443ad9c..b3374493 100644 --- a/manual/manual/view-keypair-info.md +++ b/manual/basic/view-keypair-info.md @@ -9,7 +9,7 @@ be relatively long. Below is a screenshot of a friend's public key that I obtained from the key server. - + And here is a randomly generated private key. The most significant difference between this and the previous key is that the key pair with only the public key @@ -17,7 +17,7 @@ is used for encryption only, but if you possess the private key, you can perform more actions (it also depends on your algorithm; DSA can only be used for signatures). - + ## General Info @@ -33,7 +33,7 @@ set it as the primary UID to change it. According to the OpenPGP protocol, this part is divided into Name, Email, and Comment. - + ### Primary Key @@ -49,7 +49,7 @@ not exist, but this doesn't mean that neither the public key nor the private key exists. Please remember: Each subkey and primary key consist of a pair of public and private keys. - + #### Key ID @@ -114,7 +114,7 @@ other key pairs. ### Fingerprint - + The fingerprint of the key pair is used for humans to quickly compare whether the key pair is the expected key pair. This field is unique for all keys in the @@ -131,7 +131,7 @@ pair is what they expected. However, for accurate identification, fingerprints or key IDs should be compared. A key can have multiple UIDs, but a key pair can only have one primary UID, which is always listed first in the interface. - + UID has three elements: Name, Email, Comment. The name should be at least five characters long, and the email should conform to the format. The rules for @@ -186,10 +186,10 @@ key and a key pair that includes a private key. Here's what you can do with a public key-only key pair: - + And here's what you can do with a key pair that includes a private key: - + -These operations will be explained in detail throughout the documentation.
\ No newline at end of file +These operations will be explained in detail throughout the documentation. diff --git a/manual/contract.md b/manual/contract.md index 20903104..5b095c3b 100644 --- a/manual/contract.md +++ b/manual/contract.md @@ -1,39 +1,39 @@ -# Contact +# Contact Information -Please refrain from sharing content related to business and politics on this -platform, as this tool is designed for the betterment of all humanity. However, -if you have any technical questions or suggestions for improving the software, -please feel free to contact me. +Please avoid discussing business or political matters here. This space is +dedicated to fostering the well-being and advancement of humanity. If you have +any technical questions or suggestions on how to enhance this software, your +insights are very much welcome. -Preferably, use plain text when reaching out to me via email, as HTML is not -preferred. +For correspondence, I strongly prefer plain text emails over HTML formatted +messages. -## About Me +## Personal Details -Name: Saturneric, Eric, or Erich. +- **Name:** Eric +- **Email:** [[email protected]](mailto:[email protected]) (Server location: Federal + Republic of Germany) +- **Preferred Email Format:** Plain text, without HTML enhancements. -Email: [[email protected]](mailto:[email protected]) (Hosted in the Federal Republic -of Germany) +### About My Domain -Email Content Style: It is recommended to use plain text without HTML style rich -text. +The domain BKTUS (Bakantu Union US) is not a commercial entity but rather a +personal domain name of mine. -About Domain Name: BKTUS(Bakantu union us) is not a company; it is my personal -domain name. +### Language Proficiency -## Languages - -You can correspond with me in the following languages: +I am proficient in the following languages and welcome communication in any of +them: 1. English 2. Chinese -3. German (Deutsch) +3. German -## GPG Public Key Info +### Secure Communication (GPG Public Key) -Here is my long-term PGP public key. You can use this public key to establish -secure and encrypted communication with me. Please use plain text for any -encrypted communication and avoid using rich text formats such as HTML. +For secure and encrypted communication, below is my long-term PGP public key. +Please ensure any encrypted messages are sent in plain text format and avoid +rich text formats like HTML. ``` -----BEGIN PGP PUBLIC KEY BLOCK----- @@ -142,3 +142,5 @@ NBLmnMP3Dxpd21LKW8cWXa31F6E6eNf/45h7UGxVBRoOdPQ/Kwg4z69V9T/AXOuK =syqc -----END PGP PUBLIC KEY BLOCK----- ``` + +This setup is designed to maintain privacy and security in our communications. diff --git a/manual/contribute/contribute.md b/manual/contribute/contribute.md new file mode 100644 index 00000000..29044bc5 --- /dev/null +++ b/manual/contribute/contribute.md @@ -0,0 +1,95 @@ +# Contributing to GpgFrontend + +Thank you for considering contributing to GpgFrontend! As a community-driven +project currently maintained by a single individual, every contribution, no +matter how small, makes a significant difference. This guide is designed to +provide you with a clear pathway to contributing, whether you're submitting +changes via GitHub pull requests or sending git patches via email. Below, you'll +find the steps to set up your environment, make changes, and how to submit those +changes. Additionally, you'll find contact information for further assistance. + +## Technical Requirements + +To maintain the integrity and compatibility of GpgFrontend, please adhere to the +following technical standards for all contributions: + +- **C++ Standard:** Contributions must comply with the C++17 standard. This + requirement ensures that we leverage modern language features and maintain + forward compatibility. +- **C Standard:** For code that involves C programming, adherence to the C99 + standard is required. This helps ensure our code takes advantage of more + recent language features while maintaining compatibility with various + platforms and compilers. +- **Compiler Compatibility:** Your code should compile successfully with both + Clang and GCC compilers. This cross-compatibility is crucial for ensuring that + GpgFrontend can be built on a variety of platforms and environments. +- **Third-Party Libraries:** Introducing third-party libraries should be done + with caution. Any added library must be compatible with the GPL 3.0 license. + Prior discussion with project maintainers about the necessity and implications + of the new library is required. +- **Code Formatting:** Use our `.clang-format` and `.clang-tidy` configurations + to format your code. Consistent code formatting aids in maintaining the + readability and maintainability of the codebase. +- **Code Maintenance and Attribution:** Be aware that the project maintainer may + edit your code to better fit the project or enhance compatibility. You are + encouraged to include your name and contact information in the code comments + for your contributions if you wish. + +### Additional Standards to Consider + +- **Static Analysis:** To ensure code quality and catch potential issues early, + contributions should pass static analysis checks where applicable. Tools like + Clang Static Analyzer or GCC's `-Wall -Wextra -pedantic` flags can be used to + identify potential issues. +- **Unit Testing:** If your contribution adds new functionality or changes + existing behavior, including unit tests to cover your changes is highly + recommended. This helps ensure that your contributions do not inadvertently + break existing functionality. +- **Documentation:** Update existing documentation or add new documentation as + necessary to reflect your changes or additions to the project. Well-documented + code is essential for future maintenance and for new contributors to + understand the project. + +## Getting Started + +### Step 1: Set Up Your Environment + +Make sure you have a configured Git environment. For GitHub contributions, fork +the repository and clone it locally. For email contributions, ensure Git is +installed on your machine. + +For setting up local development Environment, you can refer to [this +section](setup-dev-env.md). + +### Step 2: Making Changes + +Create a new branch for your work, implement your changes while adhering to the +technical requirements and standards mentioned, and commit your changes with +clear, descriptive commit messages. + +### Step 3: Submitting Contributions + +#### Via GitHub Pull Request + +Push your changes to your fork and submit a pull request to the original +repository. Ensure your pull request describes the changes made and the reason +for those changes. + +#### Via Email with Git Patch + +For email submissions, generate a git patch for your commits and send it to the +project's contribution email address. Make sure to include a detailed +description of your changes and the reasons for them in your email. + +## Contact + +If you have any technical questions or need assistance, refer to the Contact +document for the maintainer's email address. We are here to help and encourage a +collaborative development process. + +## Conclusion + +Your contributions are vital to the success and improvement of GpgFrontend. We +appreciate your efforts to adhere to these guidelines and look forward to your +innovative and high-quality contributions. Thank you for being a part of our +community. diff --git a/manual/contribute/setup-dev-env.md b/manual/contribute/setup-dev-env.md new file mode 100644 index 00000000..532208a5 --- /dev/null +++ b/manual/contribute/setup-dev-env.md @@ -0,0 +1,118 @@ +# Setting Up Your Local Development Environment + +Creating a local development environment that mirrors the GitHub Actions +workflow ensures consistency between local development and continuous +integration builds. This guide leverages the steps defined in our GitHub Actions +workflow to help you set up a similar environment on your local machine. By +following these steps, you'll be able to compile, build, and test the project in +an environment closely resembling our CI pipeline, minimizing integration +issues. The exact commands and environment configurations used during the +compilation are documented within the project's `.github/workflow/release.yml` +file. + +## Prerequisites + +- **Git:** Installed and configured on your system. +- **Compilers:** GCC and Clang for cross-compatibility. +- **CMake:** For generating build files. +- **Qt6:** If working on a project that utilizes Qt for its GUI. + +## Environment Setup Steps + +### Clone the Repository + +```bash +git clone https://github.com/saturneric/GpgFrontend.git +cd GpgFrontend +``` + +### Configure Git Line Endings + +This step ensures that line endings are consistent across different operating +systems. + +- **For Windows:** + +```bash +git config --global core.autocrlf false +git config --global core.eol lf +``` + +- **For macOS:** + +```bash +git config --global core.autocrlf false +git config --global core.eol lf +``` + +### Install Dependencies + +- **On Ubuntu 20.04:** + +```bash +sudo apt-get update +sudo apt-get install -y build-essential binutils git autoconf automake gettext texinfo gcc g++ ninja-build libarchive-dev libssl-dev libgpgme-dev +``` + +- **On macOS (11 and 12):** + +```bash +brew install cmake autoconf automake texinfo gettext openssl@3 ninja libarchive gpgme +brew link --force openssl@3 + +``` + +- **For Windows (via MSYS2):** Set up MSYS2 according to its documentation and + install the necessary packages: + +```bash +pacman -Syu +pacman -S mingw-w64-x86_64-gcc mingw-w64-x86_64-make mingw-w64-x86_64-cmake autoconf automake make texinfo mingw-w64-x86_64-qt6 libintl msys2-runtime-devel gettext-devel mingw-w64-x86_64-ninja mingw-w64-x86_64-gnupg mingw-w64-x86_64-libarchive +``` + +### Install Qt6 (if applicable) + +Use the Qt online installer or your package manager to install Qt6 and the +required modules for your project. + +### Build Third-Party Libraries (if needed) + +Follow the project's documentation to clone and build necessary third-party +libraries such as `libgpg-error`, `libassuan`, and `GpgME`. Use the same +commands as specified in the GitHub Actions workflow, adapted for your local +environment. + +### Configure and Build the Project + +- **For Linux and macOS:** + +```bash +mkdir build && cd build +cmake .. -DCMAKE_BUILD_TYPE=Release +make -j$(nproc) +``` + +- **For Windows (via MSYS2):** + +```bash +mkdir build && cd build +cmake .. -G "MinGW Makefiles" -DCMAKE_BUILD_TYPE=Release +mingw32-make -j$(nproc) +``` + +### Running Tests + +After building, run the project's tests to verify everything is working as +expected. + +## Notes + +- Adjust the build type (`Release`, `Debug`, etc.) as needed. +- Replace project-specific commands and dependency installation commands based + on your project's requirements. +- For macOS, additional steps for code signing and notarization are required only + for distribution. + +By closely following the GitHub Actions workflow for local setup, you're +creating a development environment that minimizes surprises during the +integration and deployment phases. diff --git a/manual/translate-interface.md b/manual/contribute/translate-interface.md index 7f09da54..7f09da54 100644 --- a/manual/translate-interface.md +++ b/manual/contribute/translate-interface.md diff --git a/manual/downloads.md b/manual/downloads.md index 2dd488db..f1c3fde1 100644 --- a/manual/downloads.md +++ b/manual/downloads.md @@ -1,25 +1,50 @@ # Downloads -Currently, you can download GpgFrontend in many ways. For more tips, you can see -the quick start manual [HERE](quick-start.md). It provides more information on -installing and running. +GpgFrontend is available for download through multiple channels. For more +detailed instructions on installation and getting started, please refer to the +[Quick Start Manual](quick-start.md). --- -## GitHub Releases +## Download Options Across Platforms -[](https://github.com/saturneric/GpgFrontend/releases/latest) +### GitHub Releases -## SourceForge +- **Latest Release Download**: Click the badge below to directly navigate to the + GitHub page for the latest release download. -[](https://sourceforge.net/projects/gpgfrontend/files/latest/download) + [](https://github.com/saturneric/GpgFrontend/releases/latest) -## Homebrew Cask +### SourceForge -[](https://formulae.brew.sh/cask/gpgfrontend) +- **SourceForge Download**: Access the download page on SourceForge through the + download button below. -Or just execute `brew install --cask gpgfrontend` + [](https://sourceforge.net/projects/gpgfrontend/files/latest/download) -## Microsoft Store +### Homebrew Cask -<ms-store-badge productid="9NH716MQK2B5"></ms-store-badge> +- **Homebrew Cask**: Mac users can check the version information through the + badge below or install using the command line. + + [](https://formulae.brew.sh/cask/gpgfrontend) + + Install command: + + ``` + brew install --cask gpgfrontend + ``` + +### Flatpak + +- **Flatpak Installation**: Linux users can click the image below to navigate to + the Flathub page for installation. + + [](https://flathub.org/apps/com.bktus.gpgfrontend) + +### Microsoft Store + +- **Microsoft Store Download**: Windows users can visit the application store + page through the Microsoft Store badge below. + + <ms-store-badge productid="9NH716MQK2B5"></ms-store-badge> diff --git a/manual/faq.md b/manual/faq.md index 9d474460..135c6567 100644 --- a/manual/faq.md +++ b/manual/faq.md @@ -1,91 +1,96 @@ -# FAQ +# Frequently Asked Questions (FAQ) -## What is GpgFrontend? +## Understanding GpgFrontend -GpgFrontend is a cross-platform encryption tool that adheres to the OpenPGP -standard. Its objective is to make the use of OpenPGP simpler, thereby enabling -more individuals to secure their privacy. +**What is GpgFrontend?** GpgFrontend is a user-friendly, cross-platform tool +designed to facilitate the use of OpenPGP encryption, making it easier for +individuals to protect their privacy and secure their communications. -## What's the relationship between OpenPGP(PGP) and GnuPG(GPG)? +**What can I do with GpgFrontend?** Beyond basic encryption and decryption, +GpgFrontend supports digital signatures to verify the integrity and origin of +messages. Users can manage and generate key pairs, encrypt files and emails, and +sign their communications for added security. -OpenPGP is a standard for data encryption and decryption, which is supported by -GpgFrontend. GnuPG is a cryptographic software that's used for encryption, -signing, and key management for asymmetric cryptography, and it follows the -OpenPGP standard. GpgFrontend utilizes GnuPG during its operation to perform -various tasks such as encryption and decryption. +**How can I obtain and start using GpgFrontend?** You can download the latest +version of GpgFrontend from its GitHub repository. Visit [GpgFrontend's +Downloads Page](https://www.gpgfrontend.bktus.com/#/downloads) to find the most +recent release. Installation is straightforward: just follow the ReadME +instructions to set it up. -## How to obtain and use GpgFrontend? +## OpenPGP and GnuPG Explained -The various versions of GpgFrontend will be released in the GitHub repository, -and you can find and download the latest version -[HERE](https://www.gpgfrontend.bktus.com/#/downloads). After downloading, you can -refer to the instructions in ReadME and you can start using it in just a few -steps. +**How do OpenPGP and GnuPG relate?** OpenPGP serves as a standardized protocol +for encrypting and decrypting data, which GpgFrontend supports. GnuPG, or GPG, +implements the OpenPGP standard, providing the necessary cryptographic +functions. GpgFrontend leverages GnuPG for operations like encryption, +decryption, and key management. -## How to deal with 'ENV Loading Failed'? +**Which operating systems does GpgFrontend support?** GpgFrontend is a +cross-platform application that supports Windows, macOS, and Linux, making it +accessible to nearly all users for their privacy and data protection needs. -The reason for this problem is that GpgFrontend failed to find the GnuPG in your -machine. You can follow suggestions below. +## Troubleshooting GnuPG Installation Issues -### macOS +**Encountering 'GnuPG not installed correctly'?** This issue typically arises +when GpgFrontend cannot locate GnuPG on your system. Here are steps to address +this based on your operating system: -For macOS users, please install GnuPG for OSX -[Here](https://sourceforge.net/p/gpgosx/docu/Download/). Or just use Homebrew to -install GpgFrontend. By executing command: +### For macOS Users -`brew install --cask gpgfrontend`. +- **Install GnuPG for OSX** from + [here](https://sourceforge.net/p/gpgosx/docu/Download/), or install + GpgFrontend using Homebrew with `brew install --cask gpgfrontend`. +- If GnuPG is installed in a custom location, please tell GpgFrontend where the + gpgconf binary it is at GnuPG Controller. -If you have installed GnuPG under a custom path, you can add the "bin" directory -of GnuPG in to PATH. +### For Linux Users -### Linux +- Install GnuPG via your package manager (apt, yum, etc.). +- If GnuPG is installed in a custom location, please tell GpgFrontend where the + gpgconf binary it is at GnuPG Controller. -For Linux users, please install GnuPG through apt or yum. +### For Windows Users -If you have installed GnuPG under a custom path, you can add the "bin" directory -of GnuPG in to PATH. +- The latest GpgFrontend versions include GnuPG. It's recommended to download + the most recent GpgFrontend version. +- Alternatively, download GnuPG from + [here](https://www.gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.0_20221216.exe) + and reinstall if necessary. -### Windows +### Additional Assistance -For Windows users, GnuPG is now integrated in the latest version of GpgFrontend, -we recommend you to download the latest GpgFrontend if you don't have any ideas. +- For more detailed guidance, refer to the quick start manual available at + [Quick Start Guide](quick-start.md). -Or, you can download GnuPG installers for Windows -[HERE](https://www.gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.0_20221216.exe). -Try to reinstall GnuPG through installer when you have already install it. +## Reporting Bugs and Contributing -### More Tips? +**Found a bug?** If you encounter any issues with GpgFrontend, please report +them via the GitHub repository. You can also contact me directly if you're not +on GitHub; see the [Contact](contract.md) section for details. -For more tips, you can see the quick start manual [HERE](quick-start.md). It -provides more information on dealing this situation. +**Interested in contributing?** Feel free to modify GpgFrontend's code and +submit a Pull Request with your enhancements. You can also send patches via +email if you prefer to contribute anonymously. -## I found some bugs in GpgFrontend, what should I do? +## Why the Need for GnuPG? -If you find a defect in GpgFrontend, you are welcome to create an issue in the -GitHub repository to describe the problem. When I see your issue, I will respond -as soon as possible. If you do not have a GitHub account, please email my -personal mailbox. For contact information, please see [Contract](contract.md). +**Importance of Installing GnuPG** GpgFrontend itself does not handle direct +encryption or decryption; it requires GnuPG for these operations. This design +choice ensures higher security, allowing users to rely on their own verified +version of GnuPG. -## Can I modify the code of GpgFrontend? +## Understanding BETA Versions -If you have any good ideas, you are free to modify the code of GpgFrontend. You -are welcome to submit a Pull Request to add your good ideas to the next version. +**What does "BETA" signify in a release?** A "BETA" label indicates that the +version may not have undergone comprehensive testing, particularly for new +modules. While beta versions are carefully evaluated post-release, and stable +versions are published when ready, the aim is to avoid beta releases from +version 2.0.0 onwards, barring exceptional circumstances. -You can contribute completely anonymously, and you can email me patches. +## Security and Privacy -## Why should I install GnuPG additionally? - -The source code of GpgFrontend does not contain operations such as encryption -and decryption, which requires Gnupg to provide support. In addition, for users -with higher security requirements, they can let GpgFrontend drive their trusted -copy of Gnupg. This design improves the security of GpgFrontend. - -## What is the release version with BETA? - -The release version with the word "beta" means that some modules of this version -have not yet been thoroughly tested. In addition, some support for the beta -version may not be complete. But rest assured, I will test after the beta -version is released, and release a stable version at an appropriate time. - -But starting from 2.0.0, BETA versions will not be released unless there are -special circumstances. +**How does GpgFrontend ensure my communications are secure?** GpgFrontend uses +GnuPG to implement the OpenPGP standard, securing your data with robust +encryption algorithms to prevent unauthorized access. It supports public and +private key encryption methods, ensuring only intended recipients can decrypt +and read your messages. diff --git a/manual/features/key-package.md b/manual/features/key-package.md new file mode 100644 index 00000000..de364908 --- /dev/null +++ b/manual/features/key-package.md @@ -0,0 +1,59 @@ +# KeyPackage Functionality + +## Overview + +The KeyPackage is a feature designed to securely package and transfer key data +between different devices. It encapsulates both the public and private keys of +multiple key pairs, ensuring that users can maintain cryptographic functionality +across various platforms. This document outlines the process of creating, +exporting, and safely transferring a KeyPackage. + +## Creating a KeyPackage + + + +## Exporting the KeyPackage + +After configuring the export settings: + +1. Click on the 'OK' button to create the KeyPackage. +2. The interface will generate two files: + - A `.gpgpack` file containing the packaged keys. + - A `.key` file which should be kept confidential and deleted after the transfer is complete. + +## Security Notice + +When the KeyPackage is successfully created, a message will inform you that the +package is protected with encryption algorithms (e.g., AES-256-ECB) and is safe +to transfer. However, it emphasizes that the key file must not be disclosed +under any circumstances. Users are advised to delete the KeyPackage file and the +key file as soon as possible after the transfer is complete. + +## Transferring the KeyPackage + +To transfer the KeyPackage: + +1. Use a secure transfer method to move the `.gpgpack` file to the target + device. This could be through a secured network connection, encrypted email, + or a physical device like a USB drive, which should be encrypted as well. +2. Once transferred, import the KeyPackage into the key management tool on the + target device using the passphrase set during the creation process. + +## After Transfer: Importing and Verifying + + + +## Best Practices + +- Always ensure that you are transferring key data over a secure channel. +- Keep the passphrase strong and confidential. +- Delete the KeyPackage files from all devices and any intermediaries (like + email servers or cloud storage) after the transfer is complete to prevent + unauthorized access. + +## Conclusion + +The KeyPackage feature streamlines the process of transferring key data between +devices while maintaining high security standards. By following the steps +outlined in this document, users can effectively manage their cryptographic keys +across multiple platforms. diff --git a/manual/features/sync-all-public-keys.md b/manual/features/sync-all-public-keys.md index e65aaae7..2658f84e 100644 --- a/manual/features/sync-all-public-keys.md +++ b/manual/features/sync-all-public-keys.md @@ -1,30 +1,71 @@ -# Public Key Sync +# Synchronizing Public Keys with Key Server -Maintaining the synchronization of your local key with the one on the key server -is of paramount importance in certain situations. Such scenarios may include the -revocation of a key by its owner, necessitating the immediate discontinuation of -its use to prevent potential man-in-the-middle attacks. Alternatively, if the -key owner generates a new signing subkey, gpg won't be able to authenticate the -validity of the encrypted text if it's signed with the subkey and you lack the -local information about the subkey. +Keeping your public keys in sync with those stored on a key server is crucial +for secure communications. This synchronization ensures that any changes to +public keys, such as revocations or the addition of subkeys, are reflected in +your local keyring. Without this, you may be vulnerable to security risks like +man-in-the-middle attacks or authentication errors. -## How to use +Here's a structured guide to maintaining public key synchronization using the +GpgFrontend's Public Key Sync feature. -The utilization of this feature is straightforward. By clicking the Sync Public -Key button in the Key Management interface, the process is automated. +## Importance of Public Key Synchronization - +**Key Revocation:** If a key is revoked by its owner, it's vital to stop using +it immediately. Revocation might occur if the private key is compromised or if +the key is no longer used. -This functionality checks all the public keys you currently possess (only public -keys, no private keys are involved). It then seeks it on the key server. If the -corresponding public key is found on the server, GpgFrontend imports the updated -public key from the server to the local machine. +**Subkey Updates:** If a new signing subkey is generated, it's essential for +your local gpg to recognize it. Without the updated information, gpg won't +authenticate signatures made with the new subkey. -### Key Server Utilized +## How to Sync Public Keys -How do you determine which key server GpgFrontend accessed? It's quite simple. -GpgFrontend exchanges keys using the default key server that you've configured. -If you need to modify the key server you wish to access, you merely need to add -your key server in the settings and set it as the default. +GpgFrontend automates the public key synchronization process through a +user-friendly interface. Here’s how to use it: - +1. Open the **Key Management** interface. +2. Locate and click the **Sync Public Key** button. This initiates the automatic + synchronization. + + + +_Note: Replace the placeholder text with the actual link to the image showing +the Sync Public Key button._ + +The feature works by checking all the public keys in your possession against the +key server. If there's an updated version of a key you own, GpgFrontend will +import the new details to your local keyring. + +### Choosing the Right Key Server + +To know which key server GpgFrontend interacts with, follow these steps: + +1. Go to the settings section of GpgFrontend. +2. The default key server configured will be listed here. + + + +_Note: Replace the placeholder text with the actual link to the image showing +the key server settings._ + +If you need to use a different key server: + +1. Navigate to the key server settings within GpgFrontend. +2. Add your preferred key server's details. +3. Set it as the default for future synchronizations. + +## Best Practices for Key Synchronization + +- **Regular Sync:** Regularly sync your keys to ensure you have the latest + updates, especially before engaging in secure communication. +- **Verify Changes:** After syncing, verify any changes or updates to ensure + they are legitimate. +- **Secure Network:** Always perform key synchronization over a secure network + to prevent interception or tampering. + +## Conclusion + +By following this guide, you can ensure that your public keys are always +up-to-date, reflecting the current status on the key server, thereby maintaining +the integrity of your encrypted communications. diff --git a/manual/index.html b/manual/index.html index edb781e7..7b99531b 100644 --- a/manual/index.html +++ b/manual/index.html @@ -7,21 +7,21 @@ <meta name="description" content="Description"> <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0"> <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/docsify-themeable@0/dist/css/theme-defaults.css"> - <link rel="shortcut icon" href="/_media/icon.svg" type="image/x-icon"> + <link rel="shortcut icon" href="https://image.cdn.bktus.com/i/2024/02/24/b885d4e2-7695-1b0a-ec5e-a43d4102a5b7.webp" type="image/x-icon"> </head> <body> <div id="app"></div> <script> window.$docsify = { search: 'auto', - logo: '/_media/trademark.png', + logo: 'https://image.cdn.bktus.com/i/2024/02/24/67473f4d-6cac-e0e2-3d60-f3400528ad8d.webp', name: 'GpgFrontend', loadNavbar: true, loadSidebar: true, routerMode: 'history', coverpage: true, onlyCover: true, - subMaxLevel: 3, + subMaxLevel: 1, repo: 'https://github.com/saturneric/GpgFrontend', mergeNavbar: true, alias: { diff --git a/manual/manual/sign-verify-file.md b/manual/manual/sign-verify-file.md deleted file mode 100755 index cf1d9b34..00000000 --- a/manual/manual/sign-verify-file.md +++ /dev/null @@ -1,59 +0,0 @@ -# Signing & Verifying Files - -Gpg Frontend offers a convenient and efficient method for file operations. The -concept of signing and verifying files is almost identical to text, with the key -difference being that the file operations' input and output can be binary. - -## Introduction to File Extensions - -For ASCII-formatted ciphertext, the filename suffix is usually "asc", and these -files can be opened directly with a text editor. However, if the ciphertext is -binary, its file extension will be "sig" or "gpg". Typically, binary ciphertext -files are smaller than ASCII-formatted ones. - -Prior to v2.0.4, the ciphertext files generated by GpgFrontend were all in ASCII -format. But starting with v2.0.4, GpgFrontend defaults to generating -binary-formatted ciphertext files. You can modify this setting in the settings. - - - -## File Browser - -You can open the file browser (Ctrl/Command + B) via the top menu file option. -Using the file browser, navigate to your working directory. Then, right-click -the file you wish to operate on, and select the desired operation from the -pop-up menu. - - - -Two control buttons are located at the top of the file tab. The one on the left -allows you to go up a level, and the one on the right enables you to enter or -refresh the corresponding path in the input box on the left. - -On the far right is a button offering useful options, such as displaying system -files or hidden files. - - - -### Sign - -Through the right-click menu, you can rapidly sign a file. This operation will -generate a file with a "sig" or "asc" suffix, which contains the signature -content. In this scenario, you need to pass both this file and the original file -to the other party to allow them to verify it. - - - -### Verify - -This operation requires you to select a file with a "gpg" suffix (this may be -invalid for binary file ciphertext) or a file with a "sig" suffix for -verification. - -When selecting a file with the "sig" suffix, ensure that the source file is also -present in this directory. This implies that the source file's name is simply -missing a "sig" suffix. - -
\ No newline at end of file diff --git a/manual/manual/sign-verify-text.md b/manual/manual/sign-verify-text.md deleted file mode 100644 index 3237a641..00000000 --- a/manual/manual/sign-verify-text.md +++ /dev/null @@ -1,61 +0,0 @@ -# Signing & Verifying Text - -The process of signing and verifying generally corresponds to the process of -encryption and decryption. For signing, the private key is used, and for -verifying, the public key is utilized. Similar to signing a document with -multiple signatures, you can choose multiple private keys during the signing -process. However, there are key differences. Digital signatures enable us to -check whether the signed content has been altered, which is difficult to achieve -with handwritten signatures. - -## Signature Only - -By signing the text, you establish that you are the sole and unalterable -authority for this text. You can simply sign the text without encrypting it as -follows: - - - -To check whether a key can be used for signing, please review the 'Usage' column -in the key toolbox on the right (the letter 'S' stands for signature). - -## Signature with Encryption - -You also have the option to sign and encrypt at the same time by choosing a -public key for encryption and your private key for signing. This is a common -practice where you select two key pairs: one belonging to someone else for -encryption, and your private key for signing. If you don't select a key for -signing, only encryption is possible, but you will receive a warning. It's worth -noting that combining signing with encryption provides an additional layer of -security as it assures the recipient that the message hasn't been altered and it -came from the sender whose identity is verified by the digital signature. - - - -## Verification - -Once you have a plaintext and its corresponding signature, you can verify the -signature using the signer's public key. However, this type of signature isn't -suitable for emails as it can make the email less readable. - - - -To verify a signature with text, you need to have the corresponding public key -for all included signatures. If a suitable public key for a signature isn't -found locally during verification, GpgFrontend will prompt you to import it. - - - -## Verification with Decryption - -When decrypting a ciphertext, it's advised to verify it simultaneously, -regardless of whether the encryptor signed it or not. It's impossible to -determine from the ciphertext's format if it has been signed. Therefore, it's a -good habit to always perform decryption operations with verification whenever -possible. - - diff --git a/manual/manual/symmetric-encrypt-decrypt-text.md b/manual/manual/symmetric-encrypt-decrypt-text.md deleted file mode 100644 index 63637737..00000000 --- a/manual/manual/symmetric-encrypt-decrypt-text.md +++ /dev/null @@ -1,7 +0,0 @@ -# Symmetric Encryption & Decryption of Text - -Symmetric encryption is initiated when you click the 'Encrypt' button without -selecting any key in the Key Toolbox. For this type of encryption, a password -must be established for the encryption process. Subsequently, to decrypt the -data, you will need to provide the same password that was used during the -encryption phase.
\ No newline at end of file diff --git a/manual/overview.md b/manual/overview.md index d4913fed..e09c7bbd 100644 --- a/manual/overview.md +++ b/manual/overview.md @@ -1,146 +1,64 @@ -# Overview of GpgFrontend +# GpgFrontend: Your OpenPGP Companion --- - - - - -[](https://www.codacy.com/gh/saturneric/GpgFrontend/dashboard?utm_source=github.com&utm_medium=referral&utm_content=saturneric/GpgFrontend&utm_campaign=Badge_Grade) -[](https://app.fossa.com/projects/git%2Bgithub.com%2Fsaturneric%2FGpgFrontend?ref=badge_shield) + + + + +[](https://www.codacy.com/gh/saturneric/GpgFrontend/dashboard?utm_source=github.com&utm_medium=referral&utm_content=saturneric/GpgFrontend&utm_campaign=Badge_Grade) +[](https://app.fossa.com/projects/git%2Bgithub.com%2Fsaturneric%2FGpgFrontend?ref=badge_shield) -**GpgFrontend** is a Powerful, Easy-to-Use, Compact, Cross-Platform, and -Installation-Free [OpenPGP](https://www.openpgp.org/) Crypto Tool. +**GpgFrontend** stands as a premier, cross-platform, user-friendly, and compact +tool for all your [OpenPGP](https://www.openpgp.org/) encryption needs. Designed +for both beginners and experts in data security, GpgFrontend simplifies +encryption, decryption, and digital signing, offering a seamless interface for +managing OpenPGP tasks. Embrace the latest features of GnuPG 2.x, enhancing your +security in the digital age. -By using GpgFrontend, you can quickly encrypt and decrypt text or files. Or at -the same time as the above operations, you can add your own signature to let -others know that this document or this paragraph of text was issued by you. +**Document Version Reference: [v2.1.2](https://github.com/saturneric/GpgFrontend/releases/tag/v2.1.2)** -Furthermore, it visualizes most of the common operations of gpg commands. It -aims to allow ordinary users to quickly use gpg and make professional users more -convenient. GpgFrontend supports new features of GnuPG 2.x. +## User Interface Glimpse -**The corresponding release version for this -Document: [v2.0.4](https://github.com/saturneric/GpgFrontend/releases/tag/v2.0.4)** +_Note: GpgFrontend's appearance may vary across different operating systems and +themes. Always refer to the corresponding version of the software for the most +accurate documentation._ -## Interface + -Note: For different operating system and system style settings, GpgFrontend may -look different.Documentation can also vary widely from release to release. -Please check the corresponding program release version for the document. +## Project Origins and Mission - +GpgFrontend inherits its core from the stable and user-friendly +[gpg4usb](https://www.gpg4usb.org/) project, aiming to introduce OpenPGP's new +features while maintaining simplicity and accessibility. My goal is to +ensure data security, making GnuPG's powerful tools available to all, +regardless of technical expertise. -## System Requirement +### A Commitment to Freedom and Security -Before proceeding with the installation and usage of GpgFrontend, it's crucial -to understand the system requirements that ensure optimal performance. This -section provides comprehensive details about the necessary software -dependencies, hardware specifications, and the compatible operating systems. -Meeting these requirements will ensure a smooth, efficient experience while -using GpgFrontend. +As a solo-maintained open-source project, GpgFrontend is a testament to the +power of community and the pursuit of privacy. It remains forever free, inviting +contributions, suggestions, and feedback from users worldwide. -Please read the following subsections carefully to confirm that your system -aligns with the recommended configurations. +## Explore the Source -### Operating System +Dive into the development journey on GitHub, where every line of code, each +update, and user feedback converge to refine and enhance GpgFrontend. -GpgFrontend is compatible with major operating systems including Linux, macOS, -and Windows. Specifically, it recommends Windows 10 and later, macOS 11 and -later, and Ubuntu 20.04 LTS or other equivalent Linux distributions. +- [GitHub Repository](https://github.com/saturneric/GpgFrontend) -### Software Dependencies +### License and Contributions -Qt6 or Later: GpgFrontend is developed using the Qt framework. Therefore, a -runtime of Qt6 or later is required for the software to function correctly. -Please note, the Qt6 runtime is integrated into the Release Package for Linux, -macOS, and Windows, so it generally does not need to be considered separately. -This allows for easier setup and ensures compatibility across different systems. +Licensed under GPL-3.0, GpgFrontend champions open-source values. Contributions +are not just welcomed but essential—whether through issue reports, pull +requests, or code patches via email. -GnuPG: As the frontend for GnuPG, GpgFrontend requires GnuPG (version 2.2.0 or -higher) to be pre-installed in your system. Please note, GpgFrontend is not -compatible with GnuPG 1.x versions. Users employing earlier versions of GnuPG 2 -may encounter some unforeseen issues. We strongly recommend updating to the -supported versions to ensure a seamless experience. +## Ensuring Your Privacy -### Hardware +With a serverless design, GpgFrontend guarantees your data stays yours alone. +For those requiring extra security layers, future versions will offer offline +functionality, further solidifying its stance as a privacy-first tool. -While the specific hardware requirements largely depend on the size and -complexity of the data you're working with, we generally recommend: - -A computer with at least 1 GB of RAM. However, 2 GB or more is preferable for -smoother performance. The majority of these resources are allocated to your -operating system, but around 100 MB of memory is needed to ensure the smooth -running of GpgFrontend. At least 200 MB of free disk space for software -installation. Additional space will be needed for ongoing work. - -Please note, these requirements are intended to be guidelines rather than strict -rules. It's possible that GpgFrontend will work on lower-spec hardware, but for -optimal performance, the above specifications are recommended. - -### Network - -Although not necessary for basic operation, an active Internet connection may be -required for software updates and accessing online help resources. - -Please note that these are the minimal requirements that we tested, and actual -requirements for your use case could be higher, especially for large datasets. - -## Origin - -The GpgFrontend project inherit from a relatively mature but not maintained -[gpg4usb](https://www.gpg4usb.org/) project. It inherits the stable, -easy-to-use, compact, and installation-free features of gpg4usb, and plans to -support some new features of OpenPGP based on it and continue to improve it. - -## Purpose - -GpgFrontend is committed to empowering people globally, especially those without -command-line or programming expertise, to securely transmit information. While -free software represents a shared asset for all of humanity, many individuals -remain unable to leverage it due to limited knowledge or ingrained usage habits. -Our mission is to break this cycle. - -We are dedicated to improving the user-friendliness and intuitive nature of the -free software GnuPG, with the primary objective of expanding its reach to a -wider audience. - -As an open-source project, GpgFrontend not only advocates for transparency and -community participation, but also adheres to using open-source codes and -libraries. - -### Free forever - -GpgFrontend is committed to remaining free of charge indefinitely. You can rest -assured that you will never be asked to pay a fee to use the software. - -## Source Code - -The primary code repository for GpgFrontend resides on the GitHub server. Every -update gets committed here first. You can visit the [code -repository](https://github.com/saturneric/GpgFrontend) to -follow our development progress and stay updated on the latest changes. - -### License - -GpgFrontend's source code is licensed under the GPL-3.0 license, affirming its -status as open-source software. You are entitled to exercise the rights outlined -in the license, as long as you adhere to its terms and conditions. - -### Contributing - -We believe that adding new features shouldn't compromise existing core -functionality. However, as an individual developer, my abilities are limited. -Therefore, GpgFrontend warmly welcomes contributors. You can report issues or -submit pull requests through GitHub. Additionally, questions and code -contributions can be submitted via email. Feel free to send me your bug reports -and patches. - -## Privacy Assurance - -GpgFrontend operates serverlessly, it doesn't require any server to function. -Although it utilizes the OpenPGP protocol for public key transfers, no -additional information is collected or uploaded. - -For users with heightened security needs, a version of GpgFrontend will be made -available in the future that lacks internet access capabilities. +GpgFrontend is more than software; it's a commitment to secure, accessible, and +open communication for everyone. Join us in this journey, where your security +and privacy are paramount. diff --git a/manual/quick-start.md b/manual/quick-start.md index 0d0314d4..7c4f6218 100644 --- a/manual/quick-start.md +++ b/manual/quick-start.md @@ -1,128 +1,206 @@ -# Getting Started +# Getting Started with GpgFrontend -GpgFrontend is a versatile tool featuring cross-platform compatibility. The -installation process may vary depending on your operating system. +Welcome to GpgFrontend, the cross-platform, OpenPGP encryption tool designed for +simplicity and security. This guide will walk you through the installation +process tailored to your operating system, ensuring you can start securing your +communications as quickly and efficiently as possible. -## Prerequisites +## Before You Begin: Prerequisites -**For Windows or macOS users with Homebrew, this section can be skipped.** +**Note for Windows or macOS users who utilize Homebrew: You may skip this +prerequisites section.** -As GpgFrontend is built on the basic functions provided by GnuPG, you need to -install GnuPG before running GpgFrontend. From GnuPG 2.0 onward, GPG works on -separate modules for each of its functionalities, and these modules need to be -correctly integrated into your operating system for smooth operation. +GpgFrontend leverages the robust functionalities of GnuPG for encryption, +decryption, and key management. It is crucial to have GnuPG installed on your +device to make full use of GpgFrontend. Starting from version 2.0, GnuPG +operates on modular components for enhanced functionality, requiring proper +integration with your system. -Please note, GnuPG cannot operate within an App Sandbox, so GpgFrontend is -currently not available on the Apple Store. +Be aware, due to GnuPG's inability to function within an App Sandbox, +GpgFrontend is not available through the Apple Store. -Most recent Linux distributions come with a pre-installed GnuPG 2.0 environment. -You can verify this by typing `gpg --version` in the command line. **However, it -is recommended to install GnuPG versions 2.2 or higher.** +For Linux users, most contemporary distributions come with GnuPG 2.0 +pre-installed. Check your GnuPG version with `gpg --version` in your terminal. +It is advisable to upgrade to GnuPG version 2.2 or later for optimal performance +and compatibility. -## Install & Run Steps +## Installation & Execution Guide -### Windows (No Setup) +### For Windows Users -1. [Download](https://github.com/saturneric/GpgFrontend/releases/latest) the - file `GpgFrontend-*******-windows-x86_64-portable.zip`. -2. Unzip the downloaded file. (This step is necessary) -3. Navigate to the `Program/bin` directory and double-click `GpgFrontend.exe`. +#### Portable Version (No Installation Required) -### Windows (Setup) +1. **Download** the portable version from [GpgFrontend's latest + releases](https://github.com/saturneric/GpgFrontend/releases/latest), labeled + `GpgFrontend-*******-windows-x86_64-portable.zip`. +2. **Extract** the contents of the downloaded ZIP file. +3. **Run** `GpgFrontend.exe` from the extracted `Program/bin` directory. -1. [Download](https://github.com/saturneric/GpgFrontend/releases/latest) the - file `GpgFrontend-*******-windows-x86_64-setup.exe`. -2. Follow the installation process, and GpgFrontend will be accessible from your - desktop. +#### Installer Version -### macOS +1. **Download** the installer from [GpgFrontend's latest + releases](https://github.com/saturneric/GpgFrontend/releases/latest), named + `GpgFrontend-*******-windows-x86_64-setup.exe`. +2. **Install** GpgFrontend by following the on-screen instructions. After + installation, you can access GpgFrontend directly from your desktop. -All published app packages have passed Apple's verification checks, meaning you -can open it directly without requiring extra permissions. +### For macOS Users -#### Homebrew Cask +GpgFrontend's macOS packages are Apple-verified, allowing straightforward +opening without additional permissions. -Use Homebrew Cask to install or remove GpgFrontend from your machine quickly and -easily. +#### Using Homebrew Cask -0. Ensure Homebrew is installed on your machine. -1. Install GpgFrontend by running the command `brew install --cask gpgfrontend`. -2. Find GpgFrontend in your Launchpad, double-click, and run it. +For an effortless install or removal process, use Homebrew Cask: -#### Download and Install from DMG +1. Ensure **Homebrew** is installed. +2. **Install** GpgFrontend with the command `brew install --cask gpgfrontend`. +3. **Launch** GpgFrontend from your Launchpad. -0. Install `gnupg` using Homebrew OR download "GPG for OS X" from - [Here](https://sourceforge.net/projects/gpgosx/files). -1. [Download](https://github.com/saturneric/GpgFrontend/releases) - `GpgFrontend-*******-macos-**.dmg`. - - `x86_64` indicates the build machine type. This version will run smoothly - on both Intel and Apple(M1/M2) Chips. -2. Double-click GpgFrontend.dmg to load it. -3. Double-click to run it. -4. If you're satisfied with the program, you can drag it into your Application - folder. +#### Manual Installation from DMG -#### Debian/Ubuntu/CentOS (AppImage) +1. **Install GnuPG** via Homebrew or download it from [GPG for OS + X](https://sourceforge.net/projects/gpgosx/files). +2. **Download** the `GpgFrontend-*******-macos-**.dmg` file from [GpgFrontend's + releases](https://github.com/saturneric/GpgFrontend/releases). Select + `x86_64` for compatibility with Intel and Apple Silicon chips. +3. **Mount** the DMG file and **run** GpgFrontend. +4. **Optional:** Drag GpgFrontend into your Applications folder for easy access. -AppImage is a format used in Linux systems to distribute portable software -without needing superuser privileges to install them. It packages the -application and all files needed for the application to run in a single file, -thus avoiding dependency issues. This makes the distribution of software more -user-friendly. +### For Linux Users (AppImage) -0. Install gnupg (Skip if you have already done this) - - For Debian/Ubuntu: - ```shell - $ sudo apt update - $ sudo apt install gpg - ``` - - For CentOS: - ```shell - $ sudo yum install gnupg - ``` -1. [Download](https://github.com/saturneric/GpgFrontend/releases) the file +AppImage simplifies software distribution by bundling applications and all +necessary libraries into a single, executable file, eliminating dependency +conflicts. + +1. **Install GnuPG** if it's not already installed. + - Debian/Ubuntu: `sudo apt update && sudo apt install gpg` + - CentOS: `sudo yum install gnupg` +2. **Download** the AppImage from [GpgFrontend's + releases](https://github.com/saturneric/GpgFrontend/releases), labeled `GpgFrontend-*******-linux-x86_64.AppImage`. -2. Grant execute permissions to the file: - ```shell - $ chmod u+x ./GpgFrontend-***-linux-x86_64.AppImage - ``` -3. Double-click the file to run it. +3. **Make it executable:** `chmod u+x ./GpgFrontend-***-linux-x86_64.AppImage`. +4. **Launch** the AppImage with a double-click or through the terminal. + +### BSD Users (FreeBSD/OpenBSD) + +Currently, there are no binary releases for BSD systems. However, GpgFrontend +can be compiled and run on BSD. Refer to the GitHub repository for build +instructions. + +## Downloading from GitHub Releases + +GpgFrontend is primarily distributed through GitHub Releases, ensuring +accessibility and eliminating the need for personal server management. + +Upon navigating to [GpgFrontend's download +page](https://github.com/saturneric/GpgFrontend/releases/latest), you'll find +detailed information about the latest version, including new features and fixes. +Each release is signed for security verification purposes, allowing users with +heightened security needs to confirm the authenticity of the downloaded files. + +Scroll down to the **Assets** section to select the appropriate version for your +operating system. The filenames include a unique identification number, crucial +for reporting any version-specific issues. + +Files ending in 'signature' are GPG separate signatures, which can be verified +with GPG to ensure they are officially released and approved by me. + +Select the version that suits your system or follows the provided instructions +to begin the download. + +By following these steps, you'll be ready to use GpgFrontend, enhancing your +digital security with powerful encryption tools at your fingertips. + +## Basic Operations with GpgFrontend + +After successfully installing GpgFrontend, you're ready to dive into the world +of encryption and secure communication. This guide will walk you through some +fundamental operations to get you started. + +### Generating Your First Key Pair + +1. Open GpgFrontend: Launch the application. +2. Access Key Management: Navigate to the "Key Management" section. +3. Generate Key Pair: Look for an option to "Generate" a new key pair. +4. Fill in your details, such as name and email, and choose your desired key + type and size. You can also add a comment if you wish. +5. Set an expiration date for the key, or choose 'Never Expire' if you prefer. +6. Create a passphrase for your key to ensure its security. Remember to use a + strong passphrase that you won't forget. +7. Once all details are filled in, click 'OK' to generate your key pair. + +### Encrypting + +1. **Write a Message:** Start by writing a message in the main text area of + GpgFrontend. +2. **Choose Recipient:** Select the public key of the message's recipient. If + you're practicing, you can select your own public key. +3. **Encrypt:** With the recipient's public key selected, click on the "Encrypt" + option. The text will be encrypted, making it readable only by the selected + recipient. + +### Decrypting + +1. **Receive an Encrypted Message:** Copy the encrypted message into + GpgFrontend's main text area. +2. **Decrypt:** Click on the "Decrypt" option. If the message was encrypted with + your public key, you would need to enter the password for your private key to + decrypt it. -## BSD(FreeBSD/OpenBSD) +### Signing -If you're a BSD user, note that binary releases aren't provided yet. However, -you can still build and run GpgFrontend on these operating systems. +1. **Create a Message:** Type your message in the text area. +2. **Sign:** Choose the "Sign" option and select your private key. Enter your + key's password to sign the message. This adds a digital signature that + verifies you as the message's sender. -## Get from GitHub Release +### Verifying -The primary distribution channel is the Release feature available on GitHub. -This method is free and accessible to most people globally, eliminating the need -for me to manage servers and bandwidth, thus saving resources. +1. **Receive a Signed Message:** Paste the signed message into GpgFrontend. +2. **Verify:** Click on "Verify" to check the signature. If the signature + matches the sender's public key, GpgFrontend will confirm the message's + integrity and authenticity. -Upon clicking the -[download](https://github.com/saturneric/GpgFrontend/releases/latest) link, you -will see an interface displaying the current version number of the latest -release, its release date, and more. +### Key Management and Sharing - +#### Exporting and Sharing Your Public Key -In the main text, you can find some significant features or fixes for the -version. If you're a programmer, you can also view the change log to see how the -source code differs from the previous version. Notice the two green tick marks, -which represent that I have personally signed the source code for the version. -This can be crucial for users with high-security needs. +1. Go to 'Manage Keys'. +2. Select your key pair and choose 'Export Key'. +3. Save your public key to a file or copy it to the clipboard to share it with + others. -Scrolling down, you can find several Assets. These are releases of GpgFrontend -for different operating systems. The parts of the filename are separated by -separators. The second section (e.g., 6171479) is a unique identification number -for the version's source code. When pointing out problems with a version, -remember to provide this 7-digit unique identification number. +#### Importing a Public Key - +To communicate securely with someone else, you need their public key. Click +'Import key'. You can import a key file or copy and paste the public key +directly. After importing, the public key will appear in your keyring, ready for +use. -Files with 'signature' as the suffix are GPG separate signatures for the -corresponding released version of the file. You can use GPG to verify whether -the downloaded file is signed and approved by me. +### Exchanging Public Keys with Friends -Choose the appropriate release version according to your needs or the -instructions provided, and click on the name to download.
\ No newline at end of file +1. **Export Your Public Key:** From the "Key Management" section, find the + option to export your public key. Save it as a file or copy it to your + clipboard. +2. **Share Your Public Key:** Send your public key to your friend via email, + messaging app, or any secure channel you prefer. +3. **Import Your Friend's Public Key:** When your friend sends you their public + key, import it into GpgFrontend using the "Import" option in the "Key + Management" section. + +By exchanging public keys, you establish a secure channel for encrypted +communication. Only the holder of the corresponding private key can decrypt +messages encrypted with a public key, ensuring privacy and security in your +communications. + +## Conclusion + +GpgFrontend is a powerful tool for enhancing your digital security. By +generating key pairs, encrypting and decrypting messages, signing documents, and +exchanging public keys, you can safeguard your communications in a world where +privacy is increasingly precious. As you become more familiar with these +operations, explore further features and settings within GpgFrontend to tailor +your security practices to your needs. Remember, the cornerstone of digital +security is practicing safe key management and password hygiene. Welcome to the +secure side! |