Skip to content

Instantly share code, notes, and snippets.

@surhudm

surhudm/GNUPG.md

Last active May 25, 2017 21:43
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save surhudm/f9ad2caf4ef652234ab1956d4d5d9a0f to your computer and use it in GitHub Desktop.
Save surhudm/f9ad2caf4ef652234ab1956d4d5d9a0f to your computer and use it in GitHub Desktop.
Download ZIP
gpg key creation
Raw
GNUPG.md

Creating the public/private key pair (For the blinder)

gpg --gen-key

Choose the default options for the following first three questions

What kind of key? RSA and RSA

What keysize? 2048

Key is valid for? 0 (Does not expire)

It will ask for confirmation about the last question. Type y

Then give

Real name: HSC Blinder (Use your name instead)

Email: hscblinder@gmail.com (Use your email instead)

Comment:

It will ask if the USER-id it generates is Okay, press O.

Enter passphrase twice to lock the private key

This will generate the public/private key pair.

gpg --armor --export hscblinder@gmail.com > blinder_pubfile.asc

Replace hscblinder@gmail.com with the email address you gave while generating the key, and redirect to an appropriate filename which helps Rachel to keep track of whose key it is.

Importing the public key (For Rachel)

gpg --gen-key

Choose the default options for the following first three questions

What kind of key? RSA and RSA

What keysize? 2048

Key is valid for? 0 (Does not expire)

It will ask for confirmation about the last question. Type y

Then give:

Real name:

Email:

Comment:

It will ask if the USER-id it generates is Okay, press O.

Enter passphrase twice to lock the private key

This will generate your own public/private key pair. Then we have to import Jim's public key.

gpg --import blinder_pubfile.asc

gpg --edit-key "HSC Blinder"

Check the fingerprint using the command

gpg> fpr

Then sign the key if the fingerprint matches

gpg> sign

You will have to enter your passphrase for your private file. Now Jim's public key would be verified and trustworthy.

Decrypting the value of Delta m in the fits file headers:

import numpy as np
import pyfits
import gnupg
import getpass

def FITS_to_PGP(message):
    """
    Turns a string stored into an FITS comment back into a proper
    PGP message
    """
    s = "-----BEGIN PGP MESSAGE-----\n\n"
    s += message
    s += "\n-----END PGP MESSAGE-----\n"
    return s

# This is the function which you will use to decrypt the string
def decrypt_string(encrypted_string):
    string = getpass.getpass(prompt="Enter passphrase to unlock the private key:\n")
    decrypted_data = gpg.decrypt(encrypted_string, passphrase=string)

    print 'ok: ', decrypted_data.ok
    print 'status: ', decrypted_data.status
    print 'stderr: ', decrypted_data.stderr
    print 'Decrypted string (additive m value for the catalog): ', decrypted_data.data
    return decrypted_data.data


fnames = [ "GAMA09H_blinded_test11_0.fits.gz", "GAMA09H_blinded_test11_1.fits.gz", "GAMA09H_blinded_test11_2.fits.gz"]

gpg = gnupg.GPG()

for fname in fnames:
    hdulist = pyfits.open(fname, memmap=True)
    msg = hdulist[0].header["DM1"]
    print float(decrypt_string(FITS_to_PGP(msg)))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment