This repository has been archived by the owner on Oct 16, 2024. It is now read-only.

keys.md

File metadata and controls

63 lines (44 loc) · 1.99 KB

Notes on managing keys and encryption

Generating a key pair

The key pair is used by the client-side encryption function to encrypt files and by DLP validators to decrypt files encrypted by the client-side encryption function.

gpg --full-generate-key

This will prompt you to select the type of key you want to generate.

  • Select RSA and RSA (option 1), then select the key size you want to generate.
  • The recommended key size is 3072 bits.
  • Enter your name and email address when prompted.
  • You can leave the comment field empty.
  • Enter a passphrase to protect your private key when prompted.
  • GPG then gathers a lot of random bytes and generates the key pair.

Backup key to file

gpg --armor --export-secret-keys [email protected] > my-private-key.asc

Use the following command to list the keys you have generated with details:

gpg --list-keys --keyid-format LONG

This will display a list of all the keys you have along with details such as the key IDs, creation dates, and associated emails. Look for the key you created most recently.

  • Identify the Key ID: From the output, identify the key ID of the latest key. The key ID is usually displayed next to the 'pub' keyword. It will look something like this: rsa4096/1234ABCD1234ABCD 2023-01-01 [SC], where the key ID is the part after the slash.

  • Export the Specific Key: Once you have identified the correct key ID, you can export just that key by replacing [email protected] with the key ID in the export command. For example:

gpg --armor --export 1234ABCD1234ABCD > publickey.asc
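
An added example (not part of the original notes) that automates the identification step above: it reads `gpg --list-keys --keyid-format LONG` output, picks the most recently created primary key, and lists RSA keys below the recommended 3072 bits. The function names and the sample listing are constructed for illustration; for long-lived scripts, gpg's `--with-colons` output is the stable machine-readable format.

```shell
#!/bin/sh
# Added example: helper names and the sample listing are assumptions, not project code.

# Constructed sample of `gpg --list-keys --keyid-format LONG` output (not real keys).
sample_listing() {
cat <<'EOF'
/home/user/.gnupg/pubring.kbx
-----------------------------
pub   rsa2048/AAAA1111BBBB2222 2021-06-15 [SC]
      0000000000000000000000000000000000000001
uid                 [ultimate] Old Key <old@example.com>
sub   rsa2048/CCCC3333DDDD4444 2021-06-15 [E]

pub   rsa3072/1234ABCD1234ABCD 2023-01-01 [SC]
      0000000000000000000000000000000000000002
uid                 [ultimate] DLP Validator <dlp@example.com>
sub   rsa3072/5678EF005678EF00 2023-01-01 [E]
EOF
}

# Read a listing on stdin; print the long key ID of the newest primary key.
# Exits non-zero when the listing contains no 'pub' line.
latest_key_id() {
  awk '$1 == "pub" {
         split($2, a, "/")                 # a[1] = algorithm+size, a[2] = key ID
         if ($3 > newest) { newest = $3; id = a[2] }  # ISO dates sort as strings
       }
       END { if (id == "") exit 1; print id }'
}

# Read a listing on stdin; print "KEYID BITS" for each RSA primary key or
# subkey smaller than the minimum size (default: the 3072 bits recommended above).
weak_rsa_keys() {
  min="${1:-3072}"
  awk -v min="$min" '($1 == "pub" || $1 == "sub") && $2 ~ /^rsa[0-9]+\// {
         split($2, a, "/")
         bits = substr(a[1], 4) + 0        # strip the "rsa" prefix
         if (bits < min) print a[2], bits
       }'
}

# Demo on the constructed sample. Against a real keyring:
#   gpg --list-keys --keyid-format LONG | latest_key_id
sample_listing | latest_key_id
sample_listing | weak_rsa_keys 3072
```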

Convert the keys to base64

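The -i and -o flags below are the macOS form of base64; GNU coreutils base64 reads the file given as an argument and writes to standard output. Base64 is only an encoding, so the base64 copy of the private key needs the same protection as my-private-key.asc.

base64 -i publickey.asc -o publickey_base64.asc
base64 -i my-private-key.asc -o privatekey_base64.asc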

Decrypting a file

gpg --output decrypted_image.png --decrypt encrypted_image.png

Import a key

This is used to import a symmetric key generated by the client-side encryption function in the UI.

gpg --import decrypted_symmetric_key.asc