diff options
Diffstat (limited to 'src/content/docs/guides/sign-verify-file.md')
| -rw-r--r-- | src/content/docs/guides/sign-verify-file.md | 163 |
1 files changed, 0 insertions, 163 deletions
diff --git a/src/content/docs/guides/sign-verify-file.md b/src/content/docs/guides/sign-verify-file.md deleted file mode 100644 index 7693bf4..0000000 --- a/src/content/docs/guides/sign-verify-file.md +++ /dev/null @@ -1,163 +0,0 @@ ---- -title: Signing & Verifying Files ---- - -GpgFrontend extends its utility from handling text-based operations to -facilitating file operations with ease and security. The principle behind -signing and verifying files mirrors that of text, leveraging the robust -framework of digital signatures. However, a significant distinction lies in the -nature of the input and output for file operations, which can be binary, -accommodating a wider range of file types beyond simple text documents. - -When signing a file using GpgFrontend, the software utilizes the private key of -the user to create a digital signature. This process begins by computing a hash -of the file's contents, regardless of whether the file is a document, image, -executable, or any other binary format. This hash serves as a compact -representation of the file's data. Subsequently, the hash is encrypted with the -user's private key, producing a digital signature unique to both the file and -the key used. The resulting signature can either be attached to the file or -stored separately, depending on the user's preference and the requirements of -the application. - -Verifying a signed file with GpgFrontend involves the corresponding public key -of the private key that was used for signing. The verification process decrypts -the digital signature using this public key to extract the original hash value -that was generated during the signing. Simultaneously, the software computes a -new hash from the file that is purported to be authentic. By comparing these two -hash values, GpgFrontend can determine if the file has been altered after it was -signed. If the hashes match, it confirms the file's integrity and authenticity, -assuring the recipient of its untampered state and the signer's identity. - -This binary capability of file operations in GpgFrontend not only broadens the -scope of digital signatures to encompass a variety of file types but also -ensures that the integrity and authenticity verification process is not limited -to text-based data. It provides a critical layer of security in digital -communications, where files of all kinds are shared and exchanged with the -expectation of privacy and trust. - -The application of digital signatures to files through tools like GpgFrontend is -especially relevant in scenarios where the authenticity of the file source and -the integrity of its contents are paramount. This includes software -distribution, where verifying the source and integrity of software packages is -crucial to prevent malware distribution; document sharing in legal and financial -contexts, where tampering could have serious implications; and multimedia -content distribution, where copyright and ownership are significant concerns. - -In summary, GpgFrontend's support for signing and verifying files elevates the -security of digital file exchanges by applying the principles of cryptography in -a user-friendly manner. By accommodating binary file operations, it ensures that -digital signatures are accessible and applicable across a broad spectrum of file -types, reinforcing the pillars of trust and security in digital communications. - -## Sign & Verify File - -GpgFrontend extends its utility from handling text-based operations to -facilitating file operations with ease and security. The principle behind -signing and verifying files mirrors that of text, leveraging the robust -framework of digital signatures. However, a significant distinction lies in the -nature of the input and output for file operations, which can be binary, -accommodating a wider range of file types beyond simple text documents. - -## Using File Browser for Signing and Verifying - -After clicking the **File Browser** button, a system directory selection dialog -will appear. Follow these steps to perform signing and verifying operations: - -1. **Open File Browser**: - - - Click the **File Browser** button in the toolbar at the top of the - interface. This will open a system dialog allowing you to choose a - directory. - -2. **Select Directory**: - - - In the system dialog, navigate to the desired directory and select it. Once - selected, a new tab named "File Browser" will open in GpgFrontend, - displaying the contents of the chosen directory. - -3. **Select a File**: - - - In the File Browser tab, you will see a list of files and folders within - the selected directory. Click on the file you want to sign or verify. - -4. **Sign the File**: - - - To sign a file, first select the file in the File Browser. Then, in the - **Key Toolbox** on the right, select your private key by checking the box - next to your key. Finally, click the **Sign** button in the toolbar at the - top. - -5. **Verify the File**: - - - To verify a file, select the signed file in the File Browser. Ensure you - have the corresponding public key in your keyring. Click the **Verify** - button in the toolbar. If the correct key is available, the file's - signature will be verified. - - - -By following these steps, you can easily manage file signing and verifying using -the GpgFrontend's File Browser feature. This streamlined process allows you to -handle your cryptographic needs directly from the file system interface. - -## File Extension Requirements - -GpgFrontend supports different file extensions for various cryptographic -operations. Understanding these extensions helps in properly managing signed -files. Here’s a breakdown of the file extensions used: - -#### ASCII Format - -- **.asc**: Files with the ".asc" extension are in ASCII format. These files - contain ASCII-armored signatures, which are a text representation of the - signed data. ASCII format is typically used for easy sharing via email or text - editors, as it ensures compatibility with text-based applications. - -#### Binary Format - -- **.sig**: Files with the ".sig" extension are in binary format. Binary - signature files are more compact than their ASCII counterparts and are - generally used for more efficient storage and transmission. They cannot be - viewed directly in text editors, as the content is in a binary format. -- **.gpg**: Files with the ".gpg" extension are also used for binary signatures. - These files are used when both encryption and signing are performed together, - containing both the encrypted content and the signature. - -To perform verification operations, you need to use files with either the -".sig", ".gpg", or ".asc" extension. These files contain the necessary signature -content required for these operations. - -By adhering to these file extension requirements, you can ensure that your -signed files are correctly recognized and processed by GpgFrontend. - -### Default Output Mode - -Before version 2.0.4, GpgFrontend generated signature files exclusively in ASCII -format. However, beginning with version 2.0.4, GpgFrontend now generates -signature files in binary format by default. This setting can be adjusted in the -program's settings. - -### Changing Output Mode - -To change the output mode between ASCII and binary formats, follow these steps: - -1. **Open Settings**: - - - Navigate to the GnuPG Controller settings within GpgFrontend. This can be - done by accessing the settings menu from the main interface. - -2. **Locate Binary Mode Option**: - - - In the settings interface, under the "General" section, locate the option - labeled "Use Binary Mode for File Operations". - -3. **Toggle Binary Mode**: - - Check or uncheck this option to switch between binary (sig/gpg) and ASCII - (asc) output formats. Checking the box will enable binary mode, while - unchecking it will revert to ASCII format. - -By following these steps, you can customize how GpgFrontend handles the format -of signature files according to your preference or needs. - - |