如何使用 GnuPG 加密明文?

发布于 2024-10-29 06:22:09 字数 231 浏览 3 评论 0原文

我最近一直在与 GnuPG 打交道,并且开始依赖它加密文件等的能力。

但是,我目前正在开发几个涉及通信(即聊天、电子邮件等)的项目,其中我'我喜欢使用现有密钥来加密/解密文本本身,而不是文件或磁盘映像等“容器”。

我想我可以加密容器,将流转换为 base64 (或适当的东西),然后将文本标记为这样,但我猜有一个更直接的解决方案。我确信我错过了一些简单的东西,但是,好吧,我错过了它。

有什么想法吗?

I've been working a great deal with GnuPG lately and have come to depend on its ability to encrypt files, etc.

However, I am currently working on a couple of projects that involve communication (i.e. chat,email, etc) where I'd like to use existing keys to encrypt/decrypt text itself as opposed to a "container" such as a file or disk image.

I suppose I could encrypt the container, convert the stream to base64 (or something appropriate) then mark the text as such, but I would guess there is a more straightforward solution. I'm sure there is something simple I'm missing, but, well, I'm missing it.

Any ideas?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

傾城如夢未必闌珊 2024-11-05 06:22:09

怎么样:

$ echo "hello" | gpg --symmetric --armor --passphrase "asdf"
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.11 (Darwin)

jA0EAwMCWfhRZo0AiwVgyRw5Q26Tf+i6OCiQOVoUNJZEfz5ekBJw6BdVpE88
=ecV3
-----END PGP MESSAGE-----

如果这就是您正在寻找的内容,您将需要设置 gpg-agent 来处理密码...从命令行传递它是相当不安全的(就像任何程序一样)在机器上可以窃取它)。

如果“现有密钥”是指“现有的 pub/priv 密钥对”,那么:

$ echo "hello" | gpg --encrypt --armor -r B230230D
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.11 (Darwin)

hQIMA+Cu7Ed7iNErAQ/8CTkEOOGVub1wEt4+5qnB9gNbVF7TNjWMjw/znKAjFg1j
f0s5xuUoPamvtLXKbs0J6OdpwTZfOkK/MIXxjsz1P4cC01CmoSsdzIkhbqccX7GP
VWRM9P0TxI9005JaxMh9rsoxVP2k/RtK3z2f3didl2SMS45TfhV8MJss5HqeQlVC
KHiCWfbHB7ww68ZIVs/AAx0zVPVld1BwHJcRvFIohBu9GUTrDMYxpOsKNZDVWXb0
154KrNFgnjgueGmh25HYdfJ+gs0Fclsq5XATo2H7gfGnq+DALeWy20ig4o9VOAcj
/KU2HRA/XD13MHRZiyJVTszF1VfvsdANnemI75O+f7z34+P0lQiCCV/Z7xqrd384
9V7Uby8n+9PppD+mpt8wiCjQUfAXmHBptoNw8OwuWUGnw7svCu7wqzgjBTyAxvwL
325/o9O2TTYZvOlpoxGayG3JbKzpHlQDv7RKIwC8W1nr/0q96Hxh+RpZfk0zwGyP
wZOx27AyhLAOJtq6Tfg/ef+Ln6d5BaDWmvF9sC/wKXnjN60X6DSLlMDDIYO01whe
JroyE+R1KMYB7r5y7VUGCoyPcrJj3yQTkYVWuvHSsy3sn7N+iWd/29V/ipFeT5Tb
SKRV/Dj/ypJn07jnsLb2ixqr+UTaARP8el7UTJtYCzxs14xdw4uRvkezKZR08C/S
QQFpMeFcVmxGCQVr5llp24bDjtiIT06VbXqZBiQ+kX9JHUDwYEs1qi+seNAlCG4C
4INLNud/n85iPWrSropiYPPY
=SGgD
-----END PGP MESSAGE-----

在这两种情况下,消息都使用以下方式解密:

$ cat encrypted_message | gpg
gpg: CAST5 encrypted data
Enter passphrase: asdf
gpg: encrypted with 1 passphrase
hello

What about:

$ echo "hello" | gpg --symmetric --armor --passphrase "asdf"
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.11 (Darwin)

jA0EAwMCWfhRZo0AiwVgyRw5Q26Tf+i6OCiQOVoUNJZEfz5ekBJw6BdVpE88
=ecV3
-----END PGP MESSAGE-----

If this is what you're looking for, you'll want to setup gpg-agent to handle the passphrase… Passing it in from the command line like that is fairly insecure (as any program on the machine could steal it).

And if by “existing keys” you mean “existing pub/priv key pairs”, then:

$ echo "hello" | gpg --encrypt --armor -r B230230D
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.11 (Darwin)

hQIMA+Cu7Ed7iNErAQ/8CTkEOOGVub1wEt4+5qnB9gNbVF7TNjWMjw/znKAjFg1j
f0s5xuUoPamvtLXKbs0J6OdpwTZfOkK/MIXxjsz1P4cC01CmoSsdzIkhbqccX7GP
VWRM9P0TxI9005JaxMh9rsoxVP2k/RtK3z2f3didl2SMS45TfhV8MJss5HqeQlVC
KHiCWfbHB7ww68ZIVs/AAx0zVPVld1BwHJcRvFIohBu9GUTrDMYxpOsKNZDVWXb0
154KrNFgnjgueGmh25HYdfJ+gs0Fclsq5XATo2H7gfGnq+DALeWy20ig4o9VOAcj
/KU2HRA/XD13MHRZiyJVTszF1VfvsdANnemI75O+f7z34+P0lQiCCV/Z7xqrd384
9V7Uby8n+9PppD+mpt8wiCjQUfAXmHBptoNw8OwuWUGnw7svCu7wqzgjBTyAxvwL
325/o9O2TTYZvOlpoxGayG3JbKzpHlQDv7RKIwC8W1nr/0q96Hxh+RpZfk0zwGyP
wZOx27AyhLAOJtq6Tfg/ef+Ln6d5BaDWmvF9sC/wKXnjN60X6DSLlMDDIYO01whe
JroyE+R1KMYB7r5y7VUGCoyPcrJj3yQTkYVWuvHSsy3sn7N+iWd/29V/ipFeT5Tb
SKRV/Dj/ypJn07jnsLb2ixqr+UTaARP8el7UTJtYCzxs14xdw4uRvkezKZR08C/S
QQFpMeFcVmxGCQVr5llp24bDjtiIT06VbXqZBiQ+kX9JHUDwYEs1qi+seNAlCG4C
4INLNud/n85iPWrSropiYPPY
=SGgD
-----END PGP MESSAGE-----

In both cases, the message is decrypted using:

$ cat encrypted_message | gpg
gpg: CAST5 encrypted data
Enter passphrase: asdf
gpg: encrypted with 1 passphrase
hello
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文