gnupg

问题 Short version : echo "testing" | vim - | grep "good" This doesn't work as vim won't output to a pipe. It says : "Vim: Warning: Output is not to a terminal". Any way to do this? Cross-editor support would be nice too. I've tried named pipes, but vim won't open them. Long version : echo $passw | gpg -q -d --passphrase-fd 0 $filename | vim - | "somehow gpg encrypt it using $passw and store it back in $filename". I'm trying to edit a gpg encrypted file but would like to not have the decrypted

问题 I'm trying to sort out my use of digital signatures and encryption. I understand that there are 2 main ways to do this: the PGP way and the SSL way. What I would like to know if it's possible to use the same private key for both SSL certificate and GnuPG, providing that this is a RSA 2048 bit key. I already have an SSL certificate signed by a CA, so I was hoping to use that certificate's private key as the GnuPG master private key. I know that we can't make assertions between the SSL and

问题 I'd like to manually verify the PGP signature on a Maven artifact from Central, but I don't know where to start. I see on Apache's Guide to uploading artifacts to the Central Repository that it says "we require you to provide PGP signatures for all your artifacts". And I've seen that Sonatype's Nexus Pro software mentions verifying signatures in a blog post on Nexus Pro features But I can't find any information on how to get the signatures manually. I'm familiar enough with GPG to perform the

问题 I am looking for instructions on how to configure the jenkins email plugin (ext-mail) to encrypt notifications? The uncle google did not help me too much. 回答1: such feature is not out-of-box, you need custom ExtendedEmailPublisher for your needs. MimeMessage msg = createMail(mailType, build, listener); Address[] allRecipients = msg.getAllRecipients(); if (allRecipients != null) { StringBuilder buf = new StringBuilder("Sending email to:"); for (Address a : allRecipients) { buf.append(' ')

问题 I'm using the command line to encrypt files that I am sending out but I am trying to figure out how to use the same method to decrypt them. If I run the command it get prompted for the passphrase, but I don't see a way to pass in the passphrase using the command line. Here is how I am encrypting the file: var proc = new Process(); proc.EnableRaisingEvents = false; proc.StartInfo.WorkingDirectory = "C:\\"; proc.StartInfo.FileName = @"C:\Progra~1\GNU\GnuPG\gpg.exe"; proc.StartInfo.Arguments = @

问题 I am having the following issue when I am trying to create a commit using Git Extensions and SourceTree "C:\Program Files\Git\bin\git.exe" commit -F "C:\Code\XXX\.git\COMMITMESSAGE" gpg: keyblock resource 'C:/Code/XXX/%appdata%/gnupg/pubring.kbx': No such file or directory gpg: skipped "ZZZZZZZZZZ": No secret key gpg: signing failed: No secret key error: gpg failed to sign the data fatal: failed to write commit object Done My pubring.kbx exists in my %appdata% directory but why is it

问题 I think this started happening after I updated the lastest OSX version, which might or might not have contained a new version of Git. But now, almost every time I try to sign my commits (either through git commit -S or git rebase -S ): I get the password prompt Enter the password Press enter and nothing happens. No 'Permission Denied: Invalid Password', nothing. I have to Ctrl-C to get out of the prompt. Not sure if this is a known issue on Git or El Capitan 10.11.6, but its getting vexing

问题 I want to deploy an artifact to Sonatype OSS repository. When I deploy with the following command, the signatures are invalid. mvn clean source:jar javadoc:jar install gpg:sign deploy > gpg --verify target/security-versions-1.0.1.jar.asc gpg: assuming signed data in 'target/security-versions-1.0.1.jar' gpg: Signature made 10/20/15 11:45:50 Eastern Daylight Time using RSA key ID 63E38ACF gpg: BAD signature from "Philippe Arteau <philippe.arteau@gmail.com>" [ultimate] If I remove the deploy

问题 I'm currently working on openpgp in combination with golang. I use the following code to generate a new keypair and create a self-signature on the resulting public key: package main import ( "bytes" "crypto" "time" "golang.org/x/crypto/openpgp" "golang.org/x/crypto/openpgp/armor" "golang.org/x/crypto/openpgp/packet" "fmt" ) //Create ASscii Armor from openpgp.Entity func PubEntToAsciiArmor(pubEnt *openpgp.Entity) (asciiEntity string) { gotWriter := bytes.NewBuffer(nil) wr, errEncode := armor

问题 Are asymmetrical cryptographic keys fundamentally inter-convertible between the major key container formats? For example, can I convert an X.509 key file into a PGP or OpenGPG key file? And--assuming the answer is yes--is it "security neutral" to keep one key pair in whatever format and convert into whichever container file format is needed for the occasion? I'm getting a little tired of maintaining so many key pairs for X.509, OpenGPG, and SSH, when they're all RSA at the heart. 回答1: Yes and