Thursday, March 13, 2008

GNUPG Encryption & Decryption 

1.Generate a key-pair:
 In order to generate key pair, first we need to create a public key (which is used for signing)
 and then a sub-key to encrypt files. Unless we create a sub-key we cannot encrypt a file.

 a) Create a public key:

  F:\temp>gpg --gen-key
  
  gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
  This program comes with ABSOLUTELY NO WARRANTY.
  This is free software, and you are welcome to redistribute it
  under certain conditions. See the file COPYING for details.

  gpg: keyring `C:/Users/srini/AppData/Roaming/gnupg\secring.gpg' created
  gpg: keyring `C:/Users/srini/AppData/Roaming/gnupg\pubring.gpg' created
  Please select what kind of key you want:
     (1) DSA and Elgamal (default)
     (2) DSA (sign only)
     (5) RSA (sign only)
  
  Your selection? 5
  RSA keys may be between 1024 and 4096 bits long.
  What keysize do you want? (2048) 1024
  Requested keysize is 1024 bits
  Please specify how long the key should be valid.
    0 = key does not expire
          = key expires in n days
        w = key expires in n weeks
        m = key expires in n months
        y = key expires in n years
  Key is valid for? (0) 0
  Key does not expire at all
  Is this correct? (y/N) y

  You need a user ID to identify your key; the software constructs the user ID
  from the Real Name, Comment and Email Address in this form:
      "Heinrich Heine (Der Dichter) "

  Real name: Srini
  Email address: cnuusa@gmail.com
  Comment:
  You selected this USER-ID:
      "Srini "

  Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
  You need a Passphrase to protect your secret key.

  gpg: DBG: rndw32: get performance data problem
  We need to generate a lot of random bytes. It is a good idea to perform
  some other action (type on the keyboard, move the mouse, utilize the
  disks) during the prime generation; this gives the random number
  generator a better chance to gain enough entropy.
  gpg: DBG: rndw32: get performance data problem
  +++++
  ..+++++
  gpg: C:/Users/srini/AppData/Roaming/gnupg\trustdb.gpg: trustdb created
  gpg: key 783D5846 marked as ultimately trusted
  public and secret key created and signed.

  gpg: checking the trustdb
  gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
  gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
  pub   1024R/783D5846 2008-03-08
        Key fingerprint = 96D5 0AE1 38E8 4286 978A  6B39 28B4 BC41 783D 5846
  uid                  Srini 

  Note that this key cannot be used for encryption.  You may want to use
  the command "--edit-key" to generate a subkey for this purpose.

 b) Create a Sub-key for encryption:

  F:\temp>gpg --edit-key CNUUSA@gmail.com
  gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
  This program comes with ABSOLUTELY NO WARRANTY.
  This is free software, and you are welcome to redistribute it
  under certain conditions. See the file COPYING for details.

  Secret key is available.

  pub  1024R/783D5846  created: 2008-03-08  expires: never       usage: SC
         trust: ultimate      validity: ultimate
  [ultimate] (1). Srini 

  Command> addkey
  Key is protected.
  You need a passphrase to unlock the secret key for
  user: "Srini "
  1024-bit RSA key, ID 783D5846, created 2008-03-08

  Please select what kind of key you want:
     (2) DSA (sign only)
     (4) Elgamal (encrypt only)
     (5) RSA (sign only)
     (6) RSA (encrypt only)
  Your selection? 6
  RSA keys may be between 1024 and 4096 bits long.
  What keysize do you want? (2048) 1024
  Requested keysize is 1024 bits
  Please specify how long the key should be valid.
    0 = key does not expire
          = key expires in n days
        w = key expires in n weeks
        m = key expires in n months
        y = key expires in n years
  Key is valid for? (0) 0
  Key does not expire at all
  Is this correct? (y/N) y
  Really create? (y/N) y
  We need to generate a lot of random bytes. It is a good idea to perform
  some other action (type on the keyboard, move the mouse, utilize the
  disks) during the prime generation; this gives the random number
  generator a better chance to gain enough entropy.
  gpg: DBG: rndw32: get performance data problem
  ...........+++++
  .+++++

  pub  1024R/783D5846  created: 2008-03-08  expires: never       usage: SC
         trust: ultimate      validity: ultimate
  sub  1024R/5115C601  created: 2008-03-08  expires: never       usage: E
  [ultimate] (1). Srini 

  Command> save

2). Encrypt and decrypt a file: Now we are ready with our keys.

 a) Encrypt a file:

  F:\temp>gpg -r Srini -e readmore.txt

  F:\temp>dir
   Volume in drive F has no label.
   Volume Serial Number is 664F-1775

   Directory of F:\temp

  03/08/2008  05:43 PM              .
  03/08/2008  05:43 PM              ..
  03/03/2008  09:02 PM               207 readmore.txt
  03/08/2008  05:43 PM               350 readmore.txt.gpg
          2 File(s)            557 bytes
          2 Dir(s)  21,445,525,504 bytes free
b) Decrypt a file: Initially, copy the file to another location say test.


  F:\temp>cd test

  F:\temp\test>gpg -o readmore.txt -d readmore.txt.gpg

  You need a passphrase to unlock the secret key for
  user: "Srini "
  1024-bit RSA key, ID 5115C601, created 2008-03-08 (main key ID 783D5846)

  gpg: encrypted with 1024-bit RSA key, ID 5115C601, created 2008-03-08
        "Srini "

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)