diff options
Diffstat (limited to 'src/content/docs/guides')
| -rw-r--r-- | src/content/docs/guides/email.md | 182 | ||||
| -rw-r--r-- | src/content/docs/guides/generate-key.md | 180 | ||||
| -rw-r--r-- | src/content/docs/guides/generate-use-subkey.md | 260 | ||||
| -rw-r--r-- | src/content/docs/guides/symmetric-encrypt-decrypt.md | 10 | ||||
| -rw-r--r-- | src/content/docs/guides/understand-interface.md | 244 |
5 files changed, 525 insertions, 351 deletions
diff --git a/src/content/docs/guides/email.md b/src/content/docs/guides/email.md new file mode 100644 index 0000000..b632157 --- /dev/null +++ b/src/content/docs/guides/email.md @@ -0,0 +1,182 @@ +--- +title: Email Functionality +sidebar: + label: Email Operations +--- + +GpgFrontend offers a powerful and user-friendly solution for email encryption +and signing, tailored for security-conscious users. By processing emails offline +in a widely supported `.eml` format, it eliminates the need for complex +protocols while maintaining robust OpenPGP compliance. Whether you're signing, +encrypting, verifying, or decrypting emails, GpgFrontend ensures a secure and +streamlined experience. + +## **Purpose and Key Advantages** + +GpgFrontend's email processing functionality is designed to empower users to +handle PGP-signed and encrypted emails in situations where their email clients +or web-based email services lack native PGP support. The core advantages +include: + +- **Offline Verification and Decryption**: Users can securely process emails + locally without uploading their private keys to email providers. This + significantly enhances privacy and security. +- **EML Format Handling**: By leveraging the widely supported `.eml` format, + GpgFrontend avoids introducing complex protocols like IMAP or SMTP, + maintaining simplicity while offering full OpenPGP compliance. +- **Security-Focused**: For security-conscious users, GpgFrontend provides an + offline, local-first solution that minimizes exposure to online threats and + untrusted environments. + +## **Features Overview** + +### **1. OpenPGP Standards Compliance** + +GpgFrontend adheres to OpenPGP standards (RFC 4880 and 3156) for email +encryption and signing, ensuring compatibility with tools like Thunderbird and +other OpenPGP-enabled clients. + +- Emails processed in GpgFrontend can be easily verified and decrypted by + compliant email clients. +- Supports separate and combined operations, such as: + - **Sign Only**: Digitally sign the email to ensure authenticity. + - **Encrypt Only**: Encrypt the email to protect its content. + - **Sign and Encrypt Together**: Combine both operations for comprehensive + security. + - **Decrypt and Verify Together or Separately**: Flexibly handle incoming + messages. + +### **2. Creating and Processing Emails** + +#### **Creating and Signing Emails** + +1. Open GpgFrontend and click **"New E-Mail"** to create a blank email. + + + +2. Type your email content in the editor. +3. Select your private key from the **Key Toolbox**. +4. Click **"Sign"** to digitally sign the email. + - Signed emails include a PGP signature block, visible in the content. + + + +#### **Encrypting Emails** + +1. Select the recipient's public key in the **Key Toolbox**. +2. Click **"Encrypt"** to secure the email content. + - The content will be transformed into a PGP-encrypted format. + + + +#### **Saving Emails for Sending** + +1. Processed emails can be saved as `.eml` files using **File > Save As**. +2. Upload the `.eml` file to your email client's drafts folder or webmail + interface, then send the email. + +### **3. Receiving and Processing Emails** + +#### **Decrypting and Verifying Emails** + +1. Export the email source as an `.eml` file from your email client or copy the + raw email source. +2. Open the `.eml` file in GpgFrontend. +3. Use: + - **"Decrypt Verify"**: Decrypt and verify the email simultaneously. + - **"Verify"**: Validate the signature without decrypting. + - **"Decrypt"**: Decrypt without verifying. + + + +#### **Offline Validation** + +- GpgFrontend processes all email verification and decryption offline, ensuring + that no sensitive data is exposed to external servers. +- Users retain full control of their private keys, which remain stored locally. + +### **4. Why Use EML Format?** + +#### **Benefits of EML** + +- `.eml` is a widely supported format across email clients like Thunderbird, + Outlook, and webmail platforms. +- Unlike proprietary email handling protocols, `.eml` allows for seamless + export, import, and offline processing. + +#### **Why Not Use IMAP/SMTP?** + +- Avoids the complexity and potential vulnerabilities introduced by integrating + full-fledged email protocols. +- Keeps the application lightweight and focused on local cryptographic + operations. + +#### **Addressing PGP Limitations in Clients** + +- Many email clients lack robust PGP support or offer inconsistent + implementations. +- GpgFrontend provides a reliable and flexible solution for users needing + advanced PGP functionality. + +## **Key Use Cases** + +### **1. Sending Emails** + +1. Process the email in GpgFrontend (e.g., sign, encrypt, or both). +2. Save the processed email as an `.eml` file. +3. Import the `.eml` file into your email client or webmail interface, then send + it. + +### **2. Receiving Emails** + +1. Export the email source as `.eml` from your email client. +2. Open it in GpgFrontend to decrypt or verify. +3. For example: + - A signed email will display a **"Good Digital Signature"** message. + - An encrypted email will be decrypted and displayed in plaintext. + +## **Advanced Features** + +### **1. Combined Operations** + +- GpgFrontend supports simultaneous encryption and signing of outgoing emails. +- Incoming emails can also be decrypted and verified in a single operation for + convenience. + +### **2. Flexible Processing** + +- Choose separate or combined workflows for signing, encrypting, verifying, or + decrypting based on your needs. +- This flexibility makes GpgFrontend a versatile tool for various email + scenarios. + +### **3. Offline-First Design** + +- All cryptographic operations are performed locally, ensuring that private keys + and sensitive data are never exposed to external servers. + +## **Best Practices for Secure Email Handling** + +1. **Use Trusted Keys**: + + - Regularly validate public keys to prevent misuse. + - Import keys only from trusted sources. + +2. **Keep Private Keys Offline**: + + - Avoid uploading private keys to email providers. + - Store private keys securely, preferably on encrypted storage. + +3. **Leverage GpgFrontend's Local Processing**: + + - Ensure all encryption, signing, and verification tasks are performed + offline for maximum security. + +4. **Save Emails in EML Format**: + + - Use `.eml` files for cross-platform compatibility and simple integration + with various email clients. + +5. **Check Email Compatibility**: + - Ensure recipients can handle PGP-encrypted emails or provide instructions + for using tools like GpgFrontend or Thunderbird. diff --git a/src/content/docs/guides/generate-key.md b/src/content/docs/guides/generate-key.md index 9202d80..354b54c 100644 --- a/src/content/docs/guides/generate-key.md +++ b/src/content/docs/guides/generate-key.md @@ -1,5 +1,5 @@ --- -title: Generate Key Pair & Subkey +title: Generate Key Pair sidebar: order: 3 --- @@ -65,188 +65,16 @@ signing, and authentication. Follow the steps below to create your own keys. By following these steps, you can generate a secure key pair using GpgFrontend, tailored to your specific needs for encryption, signing, and authentication. -## Steps to Generate a Subkey - - - -1. **Open Key Management**: - - - In the Key Management interface, right-click on the key pair you wish to - add a subkey to. Select the "New Subkey" option from the context menu. - -2. **Fill in Basic Information**: - - - **Key Type**: Select the type of subkey you want to generate. Available - options include RSA, DSA, ECDSA, ECDH, ECDH NIST P-256, ECDH NIST P-384, - ECDH NIST P-521, ECDH BrainPool P-256, ECDH BrainPool P-384, and ECDH - BrainPool P-512. - - **Key Size**: Choose the key size. This option is only applicable when the - key type is RSA or DSA. - - **Expiration Date**: Set an expiration date for the subkey. You can also - choose to check the "Never expire" checkbox to make the subkey permanent. - -3. **Set a Passphrase**: - - - If the primary key has a passphrase, the subkey's passphrase must be equal - to it. Ensure that the "Non Pass Phrase" checkbox is unchecked if you want - to set a passphrase. - -4. **Select Key Usage**: - - - Specify the usage for the subkey. Options include: - - **Encryption**: For encrypting data. - - **Signing**: For creating digital signatures. - - **Authentication**: For authentication purposes, such as SSH keys. - - Note that the certification usage is not available for subkeys. - -5. **Generate the Subkey**: - - After filling in all the necessary information and selecting the desired - options, click the "OK" button to generate your subkey. - -By following these steps, you can generate a subkey using GpgFrontend, which -enhances the functionality of your primary key pair for various cryptographic -operations. - -## Extra Note - -Below are some guidelines that may prove useful in comprehending the -aforementioned concepts and utilizing this tool accurately. - -#### Understanding Primary Keys and Subkeys - -In the realm of cryptography, key management plays a crucial role in ensuring -data security. A key pair consists of a primary key and one or more subkeys, -each serving distinct functions yet working together to secure and manage -digital identities and communications. This structure not only enhances security -but also provides flexibility in key usage and management. - -#### The Role of Primary Key and Subkeys - -- **Primary Key**: The primary key is the cornerstone of your cryptographic - identity. It is used for identity verification, which includes signing other - keys to establish trust. The primary key's signature on a subkey validates the - subkey's association with the identity of the primary key holder. - -- **Subkeys**: Subkeys are associated with the primary key and are used for - encryption and signing documents or messages. Subkeys can be thought of as - extensions of the primary key, each designated for specific tasks. This - separation of duties allows for greater security and operational flexibility. - For example, you can have separate subkeys for signing and encryption. - -#### Advantages of Using Subkeys - -1. **Enhanced Security**: By using subkeys for day-to-day operations, you - minimize the risk associated with key exposure. If a subkey is compromised, - it can be revoked without affecting the primary key or other subkeys, thereby - limiting the potential damage. - -2. **Operational Flexibility**: Subkeys allow for specific roles (e.g., signing, - encryption) to be isolated. This means you can renew or revoke subkeys as - needed without disrupting the overall cryptographic setup. - -3. **Convenient Key Rotation**: Regularly updating keys is a best practice in - cryptography. Subkeys make it easier to rotate keys for signing and - encryption without needing to re-establish the primary key's trust - relationships. - -#### Managing Primary Keys and Subkeys - -- **Secure Storage**: The primary key should be stored in a highly secure - location, preferably offline or in a hardware security module (HSM), to - prevent unauthorized access. The loss or compromise of the primary key - jeopardizes the entire cryptographic framework. - -- **Key Generation and Maintenance**: While tools like GpgFrontend provide - user-friendly interfaces for managing keys, they may lack support for advanced - operations like generating multiple subkeys. Therefore, using the command-line - `gpg` tool for such tasks is advisable. Despite this limitation, GpgFrontend - can play a critical role in monitoring the presence of the primary key, which - is essential for certain operations like adding subkeys or signing other keys. - -- **Revocation and Renewal**: Prepare revocation certificates for your primary - key and subkeys in advance. In case of key compromise or expiration, these - certificates allow you to invalidate the keys, informing others in your trust - network not to use them anymore. - -#### Practical Tips for Effective Key Management - -- **Purpose-Specific Subkeys**: If your primary key was not generated with - certain capabilities (e.g., encryption), you can create a subkey with the - required functionality. This allows the key pair to be used for the intended - cryptographic operations without regenerating the primary key. - -- **Multiple Subkeys for Different Devices**: For users operating across - multiple devices, generating separate subkeys for each device can enhance - security. If one device is compromised, only the subkey on that device needs - to be revoked, leaving the others unaffected. - -- **Backup and Recovery**: Regularly back up your key pair, including the - primary key and all subkeys. Secure backups ensure that you can recover your - cryptographic capabilities even in the event of hardware failure or data loss. - -In summary, understanding and implementing a robust key management strategy, -with a clear distinction between primary keys and subkeys, is essential for -maintaining the integrity and security of cryptographic operations. By adhering -to best practices for key usage, storage, and renewal, users can safeguard their -digital identities and ensure the confidentiality and authenticity of their -communications. - -#### Additional Note on Subkey Algorithm Types - -Subkeys in GpgFrontend offer more algorithm types than primary keys due to their -specialized roles. While primary keys focus on establishing identity and trust, -subkeys are often dedicated to specific tasks like encryption or authentication. -This task-specific design allows subkeys to utilize a broader range of -algorithms, enhancing their flexibility and functionality. For instance, while -primary keys may be restricted to certain secure algorithms for signing, subkeys -can employ diverse algorithms optimized for encryption, like ECDH, ensuring -efficient and secure operations tailored to the user's needs. - -For more Details: [Comparison of Cryptographic Algorithms](/extra/algorithms-comparison) - -**Primary Key Supported Algorithms:** +## Primary Key Supported Algorithms - RSA - DSA - ECDSA ED25519 +- EdDSA ED448 (GnuPG >2.3.0) +- ECDSA SECP256K1 (GnuPG >2.3.0) - ECDSA NIST P-256 - ECDSA NIST P-384 - ECDSA NIST P-521 - ECDSA BrainPool P-256 (GnuPG >2.3.0) - ECDSA BrainPool P-384 (GnuPG >2.3.0) - ECDSA BrainPool P-512 (GnuPG >2.3.0) - -**Subkey Supported Algorithms:** - -- RSA -- DSA -- ELG-E -- ECDSA ED25519 -- ECDSA ED448 (GnuPG >2.3.0) -- ECDH CV25519 -- ECDH X448 (GnuPG >2.3.0) -- ECDH NIST P-256 -- ECDH NIST P-384 -- ECDH NIST P-521 -- ECDH BrainPool P-256 (GnuPG >2.3.0) -- ECDH BrainPool P-384 (GnuPG >2.3.0) -- ECDH BrainPool P-512 (GnuPG >2.3.0) - -**Explanation:** - -The broader range of algorithms available for subkeys arises because subkeys are -designed for specific functions and can therefore leverage specialized -algorithms optimized for those functions. For example, ECDH (Elliptic Curve -Diffie-Hellman) is highly efficient for encryption tasks and is commonly used -for subkeys dedicated to encryption. This flexibility in algorithm choice -ensures that cryptographic operations can be optimized for both performance and -security based on the specific use case. - -Primary keys, however, are central to the user's cryptographic identity and are -primarily used for signing and certifying subkeys. This critical role -necessitates the use of well-established and highly secure algorithms to ensure -the integrity and trustworthiness of the entire cryptographic system. - -By differentiating the algorithms and roles of primary keys and subkeys, -GpgFrontend enhances both security and operational efficiency, allowing users to -maintain a robust and flexible cryptographic setup​. diff --git a/src/content/docs/guides/generate-use-subkey.md b/src/content/docs/guides/generate-use-subkey.md new file mode 100644 index 0000000..122bb9b --- /dev/null +++ b/src/content/docs/guides/generate-use-subkey.md @@ -0,0 +1,260 @@ +--- +title: Generate and Use Subkey +sidebar: + order: 3 +--- + +GpgFrontend provides comprehensive support for subkeys, allowing users to +enhance security and flexibility through proper key management. + +## Steps to Generate a Subkey + + + +1. **Open Key Management**: + + - In the Key Management interface, right-click on the key pair you wish to + add a subkey to. Select the "New Subkey" option from the context menu. + +2. **Fill in Basic Information**: + + - **Key Type**: Select the type of subkey you want to generate. Available + options include RSA, DSA, ECDSA, ECDH, ECDH NIST P-256, ECDH NIST P-384, + ECDH NIST P-521, ECDH BrainPool P-256, ECDH BrainPool P-384, and ECDH + BrainPool P-512. + - **Key Size**: Choose the key size. This option is only applicable when the + key type is RSA or DSA. + - **Expiration Date**: Set an expiration date for the subkey. You can also + choose to check the "Never expire" checkbox to make the subkey permanent. + +3. **Set a Passphrase**: + + - If the primary key has a passphrase, the subkey's passphrase must be equal + to it. Ensure that the "Non Pass Phrase" checkbox is unchecked if you want + to set a passphrase. + +4. **Select Key Usage**: + + - Specify the usage for the subkey. Options include: + - **Encryption**: For encrypting data. + - **Signing**: For creating digital signatures. + - **Authentication**: For authentication purposes, such as SSH keys. + - Note that the certification usage is not available for subkeys. + +5. **Generate the Subkey**: + - After filling in all the necessary information and selecting the desired + options, click the "OK" button to generate your subkey. + +By following these steps, you can generate a subkey using GpgFrontend, which +enhances the functionality of your primary key pair for various cryptographic +operations. + +## Understanding Primary Keys and Subkeys + +In the realm of cryptography, key management plays a crucial role in ensuring +data security. A key pair consists of a primary key and one or more subkeys, +each serving distinct functions yet working together to secure and manage +digital identities and communications. This structure not only enhances security +but also provides flexibility in key usage and management. + +### The Role of Primary Key and Subkeys + +- **Primary Key**: The primary key is the cornerstone of your cryptographic + identity. It is used for identity verification, which includes signing other + keys to establish trust. The primary key's signature on a subkey validates the + subkey's association with the identity of the primary key holder. + +- **Subkeys**: Subkeys are associated with the primary key and are used for + encryption and signing documents or messages. Subkeys can be thought of as + extensions of the primary key, each designated for specific tasks. This + separation of duties allows for greater security and operational flexibility. + For example, you can have separate subkeys for signing and encryption. + +### Advantages of Using Subkeys + +1. **Enhanced Security**: By using subkeys for day-to-day operations, you + minimize the risk associated with key exposure. If a subkey is compromised, + it can be revoked without affecting the primary key or other subkeys, thereby + limiting the potential damage. + +2. **Operational Flexibility**: Subkeys allow for specific roles (e.g., signing, + encryption) to be isolated. This means you can renew or revoke subkeys as + needed without disrupting the overall cryptographic setup. + +3. **Convenient Key Rotation**: Regularly updating keys is a best practice in + cryptography. Subkeys make it easier to rotate keys for signing and + encryption without needing to re-establish the primary key's trust + relationships. + +## Best Practices for Using Subkeys + +After understanding the concepts discussed above, you might be wondering how +exactly you can effectively use subkeys to maximize their advantages. In +principle, the main goal is to separate the subkey from the primary key to +leverage better security. If your subkeys are always kept together with the +primary key, you will always need to use the complete set of keys, increasing +the risk of compromising the primary key. GpgFrontend supports the export of +individual subkeys, as well as the configuration of multiple key databases. +Using these features together, you can easily isolate a particular subkey, +export it, and import it into another key database. This allows you to secure +the primary key separately, even removing it from the original key database to +reduce exposure. For high-security environments, it is recommended that: + +> "The primary key should be stored in a highly secure location, preferably +> offline or in a hardware security module (HSM), to prevent unauthorized +> access. The loss or compromise of the primary key jeopardizes the entire +> cryptographic framework." + +### Step-by-Step Guide to Exporting Subkeys + +To demonstrate how to export an individual subkey, let's refer to the screenshot +provided. Below is a step-by-step guide to navigate the GpgFrontend interface +and successfully export a subkey: + +1. **Open Key Details View**: Open the GpgFrontend application and navigate to + the key database section. Select the desired key from the list to open the + **Key Details** view. + +2. **Access the Keychain Tab**: Click on the **Keychain** tab within the Key + Details window. Here, you will be able to see a list of all keys associated + with your selected primary key. The list includes the primary key itself, + which is displayed in the first row, as well as any subkeys. + +3. **Select a Subkey**: Locate and click on the subkey you wish to export. Once + selected, details about the subkey will appear in the lower half of the + window, providing information such as **Key ID**, **Algorithm**, **Key + Size**, and **Usage**. + +4. **Export the Subkey**: On the right side of the key details section, there is + an **Export Subkey** button, highlighted in the screenshot. Click this button + to start the export process. + +5. **Save the Subkey File**: A file dialog will appear, prompting you to specify + a location to save the exported subkey. Choose a secure directory and save + the subkey as a separate file. + + + +### Step-by-Step Guide to Importing Subkeys + +To demonstrate how to import an individual subkey that has been previously +exported, let's refer to the screenshots provided. Below is a step-by-step guide +to navigate the GpgFrontend interface and successfully import a subkey: + +1. **Select the Key Database**: Choose the appropriate key database from the **Key Toolbox**. + + + +1. **Import the Subkey**: Click on the **Import Key** button in the top toolbar, + and select **File** from the dropdown menu. This action will open a dialog + where you can browse your system to locate the previously exported subkey + file. + +  + +2. **Select Subkey File**: Browse to the location where the subkey file is + saved, select it, and click **Open**. This will import the subkey into the + selected key database. + +3. **Verify Imported Subkey**: After importing the subkey, locate it in the + **Key Toolbox** list. Click on the subkey to open its **Key Details** view. + You should see all relevant information about the subkey, including **Key + ID**, **Algorithm**, **Key Size**, and **Usage**. + +4. **Handling Primary Key**:You can now move your master key to a safe place. Then delete it at + GpgFrontend. + +  + +### Confirming Primary Key Absence + +In the **Key Toolbox**, you may notice that some keys have a `#` symbol next to +their **Type** (e.g., **pub/sec#**). This symbol indicates that the primary key +for this subkey does not exist in the current key database. This is expected if +you have securely removed the primary key to minimize exposure, while retaining +the subkeys for ongoing operations. + + + +You can confirm the absence of the primary key by opening the **Key Details** +view of the imported subkey. In the **Primary Key Existence** section, it should +indicate **Not Exists**. This ensures that the primary key is not present, which +enhances the overall security of your cryptographic setup. + +## Key Functionality Without a Primary Key + +When a primary key is absent from the key database, certain limitations apply. +You can confirm the absence of the primary key by checking the **Primary Key +Existence** section in the Key Details view, which will display **Not Exists**. +This setup is intentional in many cases to improve security by isolating the +primary key. + + + +### Actions Limited by the Absence of a Primary Key: + +1. **Creating New Subkeys**: The absence of the primary key prevents the + generation of additional subkeys. +2. **Adding UID**: You cannot attach new User IDs (UIDs) to the keyset without + the primary key. +3. **Key Certification**: Signing other keys to certify them as trusted is only + possible with a primary key. +4. **Key Revocation**: Generating a revocation certificate for the subkey or + primary key is impossible without the primary key. + +### Practical Example: Subkey-Only Use Case + +In scenarios where only the subkey remains, as depicted in the screenshot: + +- The subkey can be actively used for encryption purposes (e.g., encrypting + emails or files). +- Since no subkey capable of signing exists, you cannot digitally sign data. To + address this, it is advisable to generate a signing-capable subkey during the + initial key creation process. + +This setup is particularly beneficial for environments where the exposure of the +primary key poses a security risk. By isolating the primary key and relying +solely on subkeys, you can maintain a balance between functionality and +security. + + + +### Tips for Secure Usage: + +1. **Inspect Subkey Capabilities**: Always verify what operations a subkey can + perform by reviewing its **Usage** field. +2. **Plan Subkey Generation**: At the time of key creation, consider creating + multiple subkeys with distinct purposes (e.g., signing, encryption, + authentication). +3. **Backup Primary Key Securely**: Store the primary key in an offline, highly + secure location to allow recovery or advanced operations if needed. + +### Additional Note on Subkey Algorithm Types + +Subkeys in GpgFrontend offer more algorithm types than primary keys due to their +specialized roles. While primary keys focus on establishing identity and trust, +subkeys are often dedicated to specific tasks like encryption or authentication. +This task-specific design allows subkeys to utilize a broader range of +algorithms, enhancing their flexibility and functionality. For instance, while +primary keys may be restricted to certain secure algorithms for signing, subkeys +can employ diverse algorithms optimized for encryption, like ECDH, ensuring +efficient and secure operations tailored to the user's needs. + +For more Details: [Comparison of Cryptographic Algorithms](/extra/algorithms-comparison) + +**Subkey Supported Algorithms:** + +- RSA +- DSA +- ELG-E +- ECDSA ED25519 +- ECDSA ED448 (GnuPG >2.3.0) +- ECDH CV25519 +- ECDH SECP256K1 (GnuPG >2.3.0) +- ECDH X448 (GnuPG >2.3.0) +- ECDH NIST P-256 +- ECDH NIST P-384 +- ECDH NIST P-521 +- ECDH BrainPool P-256 (GnuPG >2.3.0) +- ECDH BrainPool P-384 (GnuPG >2.3.0) +- ECDH BrainPool P-512 (GnuPG >2.3.0)
\ No newline at end of file diff --git a/src/content/docs/guides/symmetric-encrypt-decrypt.md b/src/content/docs/guides/symmetric-encrypt-decrypt.md index 965b976..c86280d 100644 --- a/src/content/docs/guides/symmetric-encrypt-decrypt.md +++ b/src/content/docs/guides/symmetric-encrypt-decrypt.md @@ -45,16 +45,6 @@ challenge of securely exchanging the password between the sender and receiver cannot be understated. If this password is intercepted or guessed by an unauthorized party, the encrypted data's security is compromised. -In summary, GpgFrontend's support for symmetric encryption provides a powerful -tool for users needing to secure their data with a password. This method is -distinguished by its reliance on a single password for both encryption and -decryption, offering a balance between simplicity and security. Users must -exercise caution in creating a strong password and ensure its secure exchange to -maintain the confidentiality and integrity of their encrypted data. Symmetric -encryption with GpgFrontend is a testament to the versatility of cryptographic -practices, catering to a wide range of security needs with user-friendly -solutions. - ## How to Perform Symmetric Encryption Performing symmetric encryption with GpgFrontend is a straightforward process. diff --git a/src/content/docs/guides/understand-interface.md b/src/content/docs/guides/understand-interface.md index 07562f7..f854585 100644 --- a/src/content/docs/guides/understand-interface.md +++ b/src/content/docs/guides/understand-interface.md @@ -4,186 +4,100 @@ sidebar: order: 2 --- -As a beginner, you're only required to swiftly comprehend a few crucial sections -of the page. The exploration that follows will gradually unveil additional -functionalities. Bear in mind that interfaces may vary across different -versions. - - - -## Text Editor - -The text editing zone allows you the liberty to input any desired text or -establish a new tab through the "New" option in the file menu at the top. Moving -or closing tabs can be done with ease as per your needs. - -Numerous operations can be performed on your text using options available in the -Operations Bar at the top of the interface. You can encrypt, decrypt, sign, and -verify text directly from this menu. Additionally, standard shortcuts like -Ctrl+C, Ctrl+V, and Ctrl+S for copy, paste, and save operations, or searching -within the text using Ctrl+F, are supported. - -The edited text within the text box is encoded in UTF-8 without any formatting. -This plain text format ensures that no message alteration leads to confusion. -While there are plans to introduce rich text editing in the future, the -specifics are still being deliberated. - -### Large Text File Support - -GpgFrontend accommodates opening larger files without hindrance, with the -current limit set to 1MB per file. When dealing with relatively large files, -editing of the tab won't be feasible until the entire file is loaded. During -this time, despite not being able to edit the file, you still have the -capability to view it. - -It is important to note that opening files larger than 1MB is not supported, as -excessively long text files can cause significant performance issues with the -graphical user interface (GUI). This limitation helps maintain the application's -responsiveness and ensures a smooth user experience. - -## Information Board - -GpgFrontend presents the outcome of the current tab page operation on the -Information Board, signifying the success or failure of the operation. The -Information Board's text includes supplementary details to assist in -understanding the particulars of your encryption, decryption, signature, and -other operations. Depending on your language settings, the output displayed on -the dashboard may differ. - -The Information Board was conceived to provide a comprehensive view of more -information within the same space. However, GpgFrontend plans to incorporate a -graphical interface in the future to augment the user's comprehension of this -information. - -### Color Coding - -- **Green**: Indicates a successful operation that has been thoroughly verified - and found devoid of any issues. The appearance of green font color signifies - an all-clear. -- **Yellow**: Denotes a successful operation with some potential issues detected - during result testing. The yellow font color serves as a subtle alert for the - user, necessitating a detailed review of the operation. -- **Red**: Symbolizes an unsuccessful operation or a significant discrepancy in - the operation's outcome. The red font color acts as a clear warning, demanding - the user to meticulously inspect the operation's specifics to ensure security. - -### Customizable Font Size - -Should you find the font size on the information board to be diminutive, you can -easily adjust it under the 'Application' section in the settings. The default -font size is 10, and it can be modified to any value ranging from 9 to 18. +This documentation explains the interface and functionality of GpgFrontend, +based on the latest UI design. It is intended to guide users through its +features effectively. -### Dashboard Actions Menu + + +## Text Editing Zone + +The **Text Editing Zone** allows users to input any desired text or work on +existing files. You can open a new tab using the **"New"** or **"New E-Mail"** +button or load an existing file with **"Open"** from the menu bar. -The dashboard actions menu, located below the Information Board, provides quick -and easy access to essential functions related to the content displayed. It -empowers users to efficiently manage and process large chunks of information for -various purposes. +### Key Features: -#### Copy +- **Operations Bar**: Located at the top, it provides options to encrypt, + decrypt, sign, and verify text directly. +- **Standard Shortcuts**: Supports basic shortcuts like **Ctrl+C**, **Ctrl+V**, + and **Ctrl+S** for copying, pasting, and saving text. +- **Plain Text Format**: Text is encoded in UTF-8 without formatting to ensure + clarity and compatibility. Future plans may include rich text editing. -This function allows users to swiftly capture significant portions of content -from the Information Board for use in other applications. Simply select the -content you need and use this button to copy it to the clipboard. +#### Large Text File Support -#### Save File +- Files up to **1MB** are supported. Larger files may cause performance issues + and are not recommended. +- While loading large files, editing will be temporarily disabled until the + entire file is processed. -This operation archives the contents of the Information Board into the file -system in UTF-8 format. Although the resultant output file does not have a -suffix, it is essentially plain text and can be opened with any text editor. +## Information Panel -#### Clear +The **Information Panel** displays the results of current operations (e.g., +encryption, decryption, signing) and their status, such as success or failure. +It provides helpful details about the operation, such as timestamps, key IDs, +and algorithms used. -This command promptly purges all content from the Information Board, including -both the displayed contents and statuses. Any new operation, such as encryption -or decryption, will automatically trigger this clearing process, ensuring that -the Information Board always displays the most current and relevant information. +### Color Coding for Status + +- **Green**: Indicates a successful operation with no issues. +- **Yellow**: Suggests a successful operation but with potential warnings. +- **Red**: Signifies an unsuccessful operation or critical errors. + +### Dashboard Actions Menu + +- **Copy**: Copies content from the Information Panel to the clipboard. +- **Save File**: Saves the Information Panel's content as a plain text file + (UTF-8). +- **Clear**: Clears all content from the Information Panel, resetting it for the + next operation. ## Key Toolbox -The Key Toolbox on the right side of the interface lists all available keys, -including public and private keys. The columns provide details such as key type, -name, and email address. You can select keys from this list to perform various -operations such as encryption, decryption, signing, and verification. - -### Usage - -Most Gpg-related operations require specifying a key pair (for tasks like -encryption, decryption, signature, etc.). You can select the checkbox in the -first column of the Key Toolbox's table to designate one or more keys for your -operation. Categories that contain only public keys are frequently utilized in -cryptographic scenarios. - -### Classification - -The Toolbox showcases categories via tabbed display. None of these categories -include any expired or revoked keys. To view such keys, you should refer to the -Key Manager. The default category comprises all private and public keys. During -any operation, only the keys from the currently selected category will be -considered for input. - -### Columns - -Understanding this list is crucial. Let's walk through its components step by -step. - -- **Select**: Check the box in this column to notify GpgFrontend that you wish - to use the key from this row for your subsequent operation. - -- **Type**: This column informs you about the key type and whether the primary - key exists in your key pair. - - - `pub` signifies that it is a public key, which can be used for encryption or - verification operations. - - `pub/sec` indicates that the key pair contains both public and private keys. - It can be employed for nearly all operations (consult the 'Usage' column to - confirm this). - - `pub/sec#` shows that the key pair has a public key and a private key, but - the primary key is absent from the key pair. This suggests you won't be able - to perform certain specific operations (like adding subkeys, signing other - key pairs, etc.) - - `pub/sec^` implies that one or more keys (subkeys or master keys) from the - key pair are in the smart card. - - `pub/sec#^` denotes a simultaneous occurrence of the previous two - situations. - -- **Name**: Represents the identity information of the key pair. -- **Email Address**: Also denotes the identity information of the key pair. -- **Usage**: Determines which operations the key pair can execute. Composed of - four uppercase letters, each letter signifies a specific use. - - - `C` stands for Certificate. Key pairs containing the primary key generally - have this usage. - - `E` stands for Encrypt. The key pair can be used for encryption operations. - - `S` stands for Sign. The key pair can be used for signing operations. - - `A` stands for Authenticate. The key pair can be used to perform operations - like SSH authentication. - -- **Validity**: A Gpg concept that roughly represents the level of trust in this - key. +The **Key Toolbox**, located on the right side of the interface, lists all +available keys. It provides details such as key type, name, email address, and +usage. Users can select keys for specific operations by ticking the boxes in the +first column. -## Operations Bar +### Key Details + +- **Type**: + - `pub`: Public key (for encryption or verification). + - `pub/sec`: Key pair with both public and private keys. + - `pub/sec#`: Key pair with missing primary key. + - `pub/sec^`: Key pair with components stored on a smart card. +- **Email Address**: Shows the email associated with each key. +- **Usage**: Indicates key functionality with codes: + - `C`: Certification. + - `E`: Encryption. + - `S`: Signing. + - `A`: Authentication. -The Operations Bar at the top includes the following functions: +### Categories -1. New: Create a new text file tab. -2. Open: Open an existing text file. -3. File Browser: Browse and select files from your system. -4. Encrypt: Encrypt the text or file. -5. Encrypt Sign: Encrypt and sign the text or file. -6. Decrypt: Decrypt the text or file. -7. Decrypt Verify: Decrypt and verify the text or file. -8. Sign: Sign the text or file. -9. Verify: Verify the signature of the text or file. -10. Manage Keys: Open the key management interface. -11. Import Key: Import a new key through some approaches. +The toolbox categorizes keys by type (e.g., public or private) using tabs. +Expired or revoked keys are not displayed by default and can be viewed in +**Manage Keys**. + +## Operations Bar -This interface provides a comprehensive suite of tools for managing and -utilizing your cryptographic keys and performing various encryption-related -operations with ease. +The **Operations Bar**, at the top of the interface, provides quick access to +all core functionalities: + +1. **New E-Mail**: Create a new email or text file. +2. **Open**: Open an existing text file. +3. **File Browser**: Browse and select files from your system. +4. **Encrypt**: Encrypt text or files using selected keys. +5. **Encrypt Sign**: Encrypt and sign text or files simultaneously. +6. **Decrypt**: Decrypt text or files. +7. **Decrypt Verify**: Decrypt and verify signed files. +8. **Sign**: Digitally sign text or files. +9. **Verify**: Verify the signature of text or files. +10. **Manage Keys**: Access the key management interface. +11. **Import Key**: Import keys into your keyring. ### Customization -For operations that you may not use for a while, you have the option to uncheck -the associated function group in the top menu view. Conversely, for the -operations you frequently use, you have the ability to add them here. +You can hide unused functions or add frequently used ones via the view settings +menu in the application. |