下面操作:
生成密钥:
C:\Documents and Settings\admin>[color=red]gpg --gen-key[/color] //输入此命令
gpg (GnuPG) 2.0.17; Copyright (C) 2011 Free Software Foundation, Inc
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?[color=red] 1 [/color] //只有1可以用于加密,其它用于签名
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? [color=red](2048)[/color] // 选择密码的位数,位数越大越安全,但速度慢
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) [color=red]0[/color] //根据实际情况选择密钥时限 0表示永久
Key does not expire at all
Is this correct? (y/N) [color=red]y [/color]//确认
GnuPG needs to construct a user ID to identify your key.
Real name: [color=red]myname[/color] //请输入真实姓名,以后会用到
Email address: myemail@server.com //输入邮箱,不能重复
Comment: [color=red]comment [/color] //可以为空
You selected this USER-ID:
"raolin (use for GPG Encrypt) <myrl1023@126.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?[color=red] o [/color] //输入o确认
[color=blue]You need a Passphrase to protect your secret key.[/color] //输入两次密码
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: C:/Documents and Settings/raolin/Application Data/gnupg/trustdb.gpg: trustd
b created
gpg: key [color=red]8CC6954D[/color] marked as ultimately trusted //密钥ID
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/8CC6954D 2011-08-02
Key fingerprint = 2D3F A584 6B77 59E6 E937 650E 9867 920D 8CC6 954D
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sub 2048R/D55E7B91 2011-08-02
========================================
C:\Documents and Settings\admin>[color=red]gpg --output revoke.asc --gen-revoke 8CC6954D[/color] //密钥回收
sec 2048R/8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.c
Create a revocation certificate for this key? (y/N) [color=red]y[/color]
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 0
Enter an optional description; end it with an empty line:
> revoke file generation
>
Reason for revocation: No reason specified
revoke file generation
Is this okay? (y/N) [color=red]y[/color]
You need a passphrase to unlock the secret key for
user: "raolin (use for GPG Encrypt) <myrl1023@126.com>"
2048-bit RSA key, ID 8CC6954D, created 2011-08-02
ASCII armored output forced.
Revocation certificate created.
Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print system of
your machine might store the data and make it available to others!
==============================================
C:\Documents and Settings\admin>[color=red]gpg -o C:\public-gpg -a --export 8CC6954D [/color]//导出密钥公钥
C:\Documents and Settings\admin>gpg [color=red]-o c:\secret-key -a --export-secret-keys 8CC6954D [/color]//导出密钥私钥
C:\Documents and Settings\admin>[color=red]gpg --list-sigs [/color]//列出密钥使用 gpg --list-keys
C:/Documents and Settings/admin/Application Data/gnupg/pubring.gpg
-------------------------------------------------------------------
pub 2048R/8CC6954D 2011-08-02
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sig 3 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
sub 2048R/D55E7B91 2011-08-02
sig 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
[color=red]//列出密钥和签字使用 gpg --list-keys
//列出并检查密钥签字 gpg --check-sigs[/color]
C:\Documents and Settings\admin>gpg --check-sigs
C:/Documents and Settings/admin/Application Data/gnupg/pubring.gpg
-------------------------------------------------------------------
pub 2048R/8CC6954D 2011-08-02
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sig!3 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
sub 2048R/D55E7B91 2011-08-02
sig! 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
C:\Documents and Settings\admin>[color=red]gpg -ear myname c:/123.txt [/color] //myname 为生成密钥时输入的用户 c:/123.txt 要对那个文件进行加密 加密码后生成的文件为c:/123.txt.asc
-e GPG加密
-a 加成ASCII
-r 指定用户加密码
C:\Documents and Settings\admin>[color=red]gpg -d c:/123.txt.asc >c:/1233.txt [/color] //解密
使用JAVA 调用些命令:
text.bat:
生成密钥:
C:\Documents and Settings\admin>[color=red]gpg --gen-key[/color] //输入此命令
gpg (GnuPG) 2.0.17; Copyright (C) 2011 Free Software Foundation, Inc
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?[color=red] 1 [/color] //只有1可以用于加密,其它用于签名
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? [color=red](2048)[/color] // 选择密码的位数,位数越大越安全,但速度慢
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) [color=red]0[/color] //根据实际情况选择密钥时限 0表示永久
Key does not expire at all
Is this correct? (y/N) [color=red]y [/color]//确认
GnuPG needs to construct a user ID to identify your key.
Real name: [color=red]myname[/color] //请输入真实姓名,以后会用到
Email address: myemail@server.com //输入邮箱,不能重复
Comment: [color=red]comment [/color] //可以为空
You selected this USER-ID:
"raolin (use for GPG Encrypt) <myrl1023@126.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?[color=red] o [/color] //输入o确认
[color=blue]You need a Passphrase to protect your secret key.[/color] //输入两次密码
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: C:/Documents and Settings/raolin/Application Data/gnupg/trustdb.gpg: trustd
b created
gpg: key [color=red]8CC6954D[/color] marked as ultimately trusted //密钥ID
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/8CC6954D 2011-08-02
Key fingerprint = 2D3F A584 6B77 59E6 E937 650E 9867 920D 8CC6 954D
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sub 2048R/D55E7B91 2011-08-02
========================================
C:\Documents and Settings\admin>[color=red]gpg --output revoke.asc --gen-revoke 8CC6954D[/color] //密钥回收
sec 2048R/8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.c
Create a revocation certificate for this key? (y/N) [color=red]y[/color]
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 0
Enter an optional description; end it with an empty line:
> revoke file generation
>
Reason for revocation: No reason specified
revoke file generation
Is this okay? (y/N) [color=red]y[/color]
You need a passphrase to unlock the secret key for
user: "raolin (use for GPG Encrypt) <myrl1023@126.com>"
2048-bit RSA key, ID 8CC6954D, created 2011-08-02
ASCII armored output forced.
Revocation certificate created.
Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print system of
your machine might store the data and make it available to others!
==============================================
C:\Documents and Settings\admin>[color=red]gpg -o C:\public-gpg -a --export 8CC6954D [/color]//导出密钥公钥
C:\Documents and Settings\admin>gpg [color=red]-o c:\secret-key -a --export-secret-keys 8CC6954D [/color]//导出密钥私钥
C:\Documents and Settings\admin>[color=red]gpg --list-sigs [/color]//列出密钥使用 gpg --list-keys
C:/Documents and Settings/admin/Application Data/gnupg/pubring.gpg
-------------------------------------------------------------------
pub 2048R/8CC6954D 2011-08-02
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sig 3 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
sub 2048R/D55E7B91 2011-08-02
sig 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
[color=red]//列出密钥和签字使用 gpg --list-keys
//列出并检查密钥签字 gpg --check-sigs[/color]
C:\Documents and Settings\admin>gpg --check-sigs
C:/Documents and Settings/admin/Application Data/gnupg/pubring.gpg
-------------------------------------------------------------------
pub 2048R/8CC6954D 2011-08-02
uid raolin (use for GPG Encrypt) <myrl1023@126.com>
sig!3 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
sub 2048R/D55E7B91 2011-08-02
sig! 8CC6954D 2011-08-02 raolin (use for GPG Encrypt) <myrl1023@126.com
>
C:\Documents and Settings\admin>[color=red]gpg -ear myname c:/123.txt [/color] //myname 为生成密钥时输入的用户 c:/123.txt 要对那个文件进行加密 加密码后生成的文件为c:/123.txt.asc
-e GPG加密
-a 加成ASCII
-r 指定用户加密码
C:\Documents and Settings\admin>[color=red]gpg -d c:/123.txt.asc >c:/1233.txt [/color] //解密
使用JAVA 调用些命令:
package windows;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
public class CallCmdInJava {
/**
*
* @param command
* @return
* @throws IOException
*/
public static String callCmd(String command) throws IOException{
try{
Runtime r = Runtime.getRuntime();
Process p = r.exec(command);
BufferedReader br = new BufferedReader(new InputStreamReader(p
.getInputStream()));
p.getOutputStream().flush();
p.getOutputStream().close();
String message="";
StringBuffer result = new StringBuffer();
while((message = br.readLine())!= null){
result.append(message).append("\n");
}
return result.toString();
} catch (IOException e) {
return e.getMessage();
}
}
public static void main(String[] args) {
try {
System.out.println(callCmd("c:\\text.bat"));
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
text.bat:
set path=%path%;C:\Program Files\GNU\GnuPG\pub #这是GPG的安装目录,然后输入要执行的cmd 命令 如下
# gpg --list-sigs
#gpg --check-sigs
gpg -ear myname c:/123.txt #加密123.txt 文件--自动生成123.txt.asc文件
#gpg -d c:/123.txt.asc >c:/1233.txt
573
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
