本文解析了GPG的三种签名方法--signfile、--clear-signfile和--detach-signfile,强调了它们的区别,如--detach-sign仅包含签名而不含文件内容,--sign用于加密并压缩文本,--clear-sign提供了明文签名。此外,还介绍了--clear-sign与--armor--sign的相似性和不同之处。
机缘
gpg 三种签名方式的不同
gpg --sign file # produces file.gpg
gpg --clear-sign file # produces file.asc
gpg --detach-sign file # produces file.sig
Basically when signing with --detach-sign the resulting .sig won’t contain the signed file only the signature.
–sign compresses, signs and outputs the signed text in a binary format.
–clearsign wraps the text in an ASCII-armored signature—
收获
–sign does not encrypt files! –
Sebi2020
Jul 27, 2020 at 9:42
Is --clearsign any different from --armor --sign? –
xjcl
Jul 6, 2021 at 17:14
Yes. With --sign --armor the cleartext isn’t show, and the ascii will be different because the armor includes both the message and the signature. --clearsign is more similar to --detach-sign --armor, which is exactly the ascii that shows up after the cleartext. –
stewSquared
Nov 6, 2021 at 4:41
What does “signing” a file really mean?
It is similar to give your product(files) a laser anti-counterfeiting label,
to let others receiver(buyer) more confident in quality, when they see a signiture as real genuine certificate.
憧憬
提示:职业规划、创作规划等
Tips
1615
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
