1. 首頁
  2. 問答
  3. GNU/Linux gpg如何使用私鑰加密

GNU/Linux gpg如何使用私鑰加密

2012-11-12 47 views
0

編輯:對不起,混亂。其實我想知道是否可以使用私鑰進行加密。 (這也自動意味着簽名。) 我希望通過運行腳本在C程序中完成此操作。GNU/Linux gpg如何使用私鑰加密

順便說一句,用私有密鑰加密一個好主意,發送簽名郵件到觀衆將與我的公鑰解密呢?

老問題: 如何「標誌」使用GNU/Linux中我自己的私鑰GPG文件?我看到了man page,但它沒有提供任何有關這方面的信息。 另外,對方如何驗證以這種方式創建的簽名?

如果可能,請給出命令行選項來完成此操作。

我看到了其他的問題,但他們談論Android,JAVA等。我只想要命令行選項。 thx。

來源

2012-11-12 Tem Pora

+0

回覆您的編輯:是的,您可以同時加密和簽名。只需使用'--symmetric'和/或'--encrypt --recipient KEYID'與'--sign'配合使用。如果您需要幫助,請閱讀手冊頁或在我提到的其中一個網站上提出問題。 – rsaw

回答

0

手冊頁實際上確實提供有關簽署信息。

有3點主要的選擇:

  1. 標誌-s/--sign
    • 直接文件完全修改文件,嵌入它的簽名 - 可以有或沒有-a ASCII使用裝甲選項
  2. 直接用012簽署文件/--sign並與--clearsign
    • 包裝請用一個純文本ASCII簽名
  3. -b/--detach-sign
    • 保存的簽名到一個單獨的文件中創建獨立的簽名 - - 可以帶或不帶-a

這裏是我做的每一個反過來,然後再驗證的例子。

  1. 嵌入式簽名,修改原始文件(要求使用gpg -d獲得該文件的原始內容)。

    $ cp /etc/issue . 
$ gpg -sa <issue>issue.asc 

You need a passphrase to unlock the secret key for 
user: "Rsaw Rsaw <[email protected]>" 
2048-bit RSA key, ID 211A2D3E, created 2012-08-24 

$ cat issue.asc 
-----BEGIN PGP MESSAGE----- 
Version: GnuPG v1.4.12 (GNU/Linux) 

owEBcQGO/pANAwACASZpDtshGi0+ActBYgBQoI3pRmVkb3JhIHJlbGVhc2UgMTcg 
KEJlZWZ5IE1pcmFjbGUpCktlcm5lbCBcciBvbiBhbiBcbSAoXGwpCgqJARwEAAEC 
AAYFAlCgjekACgkQJmkO2yEaLT5C3Af/fGDDoCA+6ddDUqbOZa96RNZrQPvvuT2m 
ZnPEnXonqkTEf0OLOJFHWPTsMK5SKdSWx14gvaiSbQTGTKdqUiaSBfBs+tenJ39S 
zQrZPctqKYvBbk848qiBO6tHgf8npNmg2yeY2YKjR6+02bHadg9wiujjazutuSKY 
xEDvaIoDpCl1bsbOF7ZI8zxcpFx366PZybC/fEvA+R4sDFP4QiYDPg0MKmrUlsJa 
1l9gE8e1LEZC2wXDuSCffL6dODFbCvHgU4IyUze1lX5CZHFPs5Y9kI+yBb9f9sYH 
UzOHJDISHMephS1WPqP5JXlkwiiUNTEk4qnTQRalud+yAHBeEZtrtA== 
=fYHs 
-----END PGP MESSAGE----- 
$ gpg --verify issue.asc 
gpg: Signature made Mon 12 Nov 2012 12:49:29 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>" 
$ gpg -d issue.asc 
Fedora release 17 (Beefy Miracle) 
Kernel \r on an \m (\l) 

gpg: Signature made Mon 12 Nov 2012 12:49:29 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>"

  2. 包裝清除簽名。

    $ gpg -s --clearsign <issue>issue.asc 

You need a passphrase to unlock the secret key for 
user: "Rsaw Rsaw <[email protected]>" 
2048-bit RSA key, ID 211A2D3E, created 2012-08-24 

$ cat issue.asc 
-----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

Fedora release 17 (Beefy Miracle) 
Kernel \r on an \m (\l) 

-----BEGIN PGP SIGNATURE----- 
Version: GnuPG v1.4.12 (GNU/Linux) 

iQEcBAEBAgAGBQJQoI65AAoJECZpDtshGi0+XLwH/0q7M+6aVvM2XMwy36R+zbYv 
IjF/GBUgEFRO53a0xCi6lhw10Wp4tpmZLeJJwFb2xNGu7/1SaB4pk/PhSk4xU5Bx 
3FepXaHvbwoB+Km2jqCnB1BNowJa4UecPk7pBoBPbBFv6GomecMYv1a3tORStmwe 
3UIF99HgCilivjbJoGI6h7en7yq2LwwQLpHNs8dY8rlurQfHM5CMv5RpF9jCDEJS 
MHKN52Urcx1/ROam/YjyP+Pa+PZF4x19q+obdHOsNCyqAIlYcfsUjCoiCGF8FjPM 
00ha0aaw9dHezmqyAE9nWE5SYB571iVcO1xIoGk+jl78HSwpxpf5hssavDwT2go= 
=o6WZ 
-----END PGP SIGNATURE----- 
$ gpg -v issue.asc 
gpg: armor header: Hash: SHA1 
gpg: armor header: Version: GnuPG v1.4.12 (GNU/Linux) 
gpg: original file name='' 
File `issue' exists. Overwrite? (y/N) 
gpg: Interrupt caught ... exiting 

$ gpg --verify issue.asc 
gpg: Signature made Mon 12 Nov 2012 12:52:57 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>" 
$ gpg -d issue.asc 
Fedora release 17 (Beefy Miracle) 
Kernel \r on an \m (\l) 

gpg: Signature made Mon 12 Nov 2012 12:52:57 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>"

  3. 分離簽名(需要相同的名稱作爲簽名文件,加上.sig.asc分機或要求用戶明確指定兩個分離的-SIG-文件和簽名文件)。

    $ gpg -ba <issue>issue.sig 

You need a passphrase to unlock the secret key for 
user: "Rsaw Rsaw <[email protected]>" 
2048-bit RSA key, ID 211A2D3E, created 2012-08-24 

$ cat issue.sig 
-----BEGIN PGP SIGNATURE----- 
Version: GnuPG v1.4.12 (GNU/Linux) 

iQEcBAABAgAGBQJQoI8zAAoJECZpDtshGi0+x2cH/RsM2LAeXTZkL792jJTVyoyg 
Iz/RT3aBZqnqXu2H4O2YB897Qr4vbnoCc5uaTxm4z4jujkRs5l5vfL184Yui+o9g 
eJW/Q+RegiMdgZMGY48xqz0sJMM1q2nJGy1c5qqX59IuUzslVkw+HxzPnChQHDBV 
B7EraKoIvJS8KzHdXF/sQtUnJAlg4ItKW/uc/gNRz7G2O9tCdyTuddlTA6b3dV0I 
gYCeF3TMgBMpkrDyYmVc9BkheIZDwy9ce1sRDYFmGpbD/Smae4mXeTgurEbe2bFJ 
TqRkB4tMMl4xRd1s+Wtbj3f3hxsLTZn3Wq1n9UlL5Ga/+Tx3gZQAIUYLPwwyD7k= 
=G2Qp 
-----END PGP SIGNATURE----- 
$ gpg --verify issue.sig 
gpg: Signature made Mon 12 Nov 2012 12:54:59 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>" 
$ mv issue.sig my-issue.sig 
$ gpg --verify -v my-issue.sig 
gpg: armor header: Version: GnuPG v1.4.12 (GNU/Linux) 
gpg: no signed data 
gpg: can't hash datafile: file open error 
$ gpg --verify my-issue.sig issue 
gpg: Signature made Mon 12 Nov 2012 12:54:59 AM EST using RSA key ID 211A2D3E 
gpg: Good signature from "Rsaw Rsaw <[email protected]>" 
$ mv my-issue.sig issue.asc 
$ gpg -v --verify issue.asc 
gpg: armor header: Version: GnuPG v1.4.12 (GNU/Linux) 
gpg: assuming signed data in `issue' 
gpg: Signature made Mon 12 Nov 2012 12:54:59 AM EST using RSA key ID 211A2D3E 
gpg: using PGP trust model 
gpg: Good signature from "Rsaw Rsaw <[email protected]>" 
gpg: binary signature, digest algorithm SHA1

所以應該涵蓋。

爲了將來的參考,這個問題不應該發佈在Stackoverflow上,可能會被移動或關閉。它屬於Unix and LinuxSuperuser

來源

2012-11-12 06:00:01 rsaw

相關問題

 相關問題