This is used by the client-side encryption function to encrypt files and by DLP validators to decrypt files encrypted by the client-side encryption function.
gpg --full-generate-key
This will prompt you to select the type of key you want to generate.
- Select
RSA and RSA
(option 1) and then select the key size you want to generate. - Recommended key size is
3072
bits. - After that, you will be prompted to enter your name and email address.
- You can leave the comment field empty.
- After that, you will be prompted to enter a passphrase to protect your private key.
- After that, GPG will generate a lot of random bytes to generate the key pair.
gpg --armor --export-secret-keys [email protected] > my-private-key.asc
Use the following command to list the keys you have generated with details:
gpg --list-keys --keyid-format LONG
This will display a list of all the keys you have along with details such as the key IDs, creation dates, and associated emails. Look for the key you created most recently.
-
Identify the Key ID From the output, identify the key ID of the latest key. The key ID is usually displayed next to the 'pub' keyword. It will look something like this: rsa4096/1234ABCD1234ABCD 2023-01-01 [SC].
-
Export the Specific Key Once you have identified the correct key ID, you can export just that key by replacing [email protected] with the key ID in the export command. For example:
gpg --armor --export 1234ABCD1234ABCD > publickey.asc
base64 -i publickey.asc -o publickey_base64.asc
base64 -i privatekey.asc -o privatekey_base64.asc
gpg --output decrypted_image.png --decrypt encrypted_image.png
Used to import a symmetric key generated by the client-side encryption function in the UI.
gpg --import decrypted_symmetric_key.asc