Passing a message from user A to user B using GPG

a.sh:

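# Install GnuPG and its agent (Alpine).
apk add gpg gpg-agent

# Separate keyrings for users A and B. The empty passphrase leaves the
# secret keys unprotected, which is only acceptable for a throwaway demo.
mkdir a
GNUPGHOME=a gpg --quick-gen-key --batch --passphrase '' a@gmail.com
mkdir b
GNUPGHOME=b gpg --quick-gen-key --batch --passphrase '' b@gmail.com

# B exports the public key, A imports it.
GNUPGHOME=b gpg --export --output b.gpg b@gmail.com
GNUPGHOME=a gpg --import b.gpg
# Take the fingerprint from the fpr record that follows the pub record.
b_fingerprint=$(GNUPGHOME=a gpg --fingerprint --with-colons b@gmail.com | awk -F: '/^pub:/ {getline; print $10}')
# A certifies B's key so that A's keyring treats it as valid for encryption.
GNUPGHOME=a gpg --quick-sign-key "$b_fingerprint"

# A encrypts to B; B decrypts with the secret key.
echo 42 > c
GNUPGHOME=a gpg --encrypt --recipient b@gmail.com --output c.gpg c
GNUPGHOME=b gpg --decrypt --output c2 c.gpg
cat c2

$ docker run --rm -v $PWD/a.sh:/a.sh alpine:3.16 sh -eux ./a.sh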
...
+ mkdir a
+ GNUPGHOME=a gpg --quick-gen-key --batch --passphrase  a@gmail.com
gpg: keybox '/a/pubring.kbx' created
gpg: /a/trustdb.gpg: trustdb created
gpg: directory '/a/openpgp-revocs.d' created
gpg: revocation certificate stored as '/a/openpgp-revocs.d/C18CCF44E246369593F2E115629E83B8B77B9550.rev'

+ mkdir b
+ GNUPGHOME=b gpg --quick-gen-key --batch --passphrase  b@gmail.com
gpg: keybox '/b/pubring.kbx' created
gpg: /b/trustdb.gpg: trustdb created
gpg: directory '/b/openpgp-revocs.d' created
gpg: revocation certificate stored as '/b/openpgp-revocs.d/2731E3B4CBF117A643974F874F6B2EC9F65A082C.rev'

+ GNUPGHOME=b gpg --export --output b.gpg b@gmail.com
+ GNUPGHOME=a gpg --import b.gpg
gpg: key 4F6B2EC9F65A082C: public key "b@gmail.com" imported
gpg: Total number processed: 1
gpg:               imported: 1
+ GNUPGHOME=a gpg --fingerprint --with-colons b@gmail.com
+ awk -F: '/^pub:/ { getline; print $10}'
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2024-06-07
+ b_fingerprint=2731E3B4CBF117A643974F874F6B2EC9F65A082C
+ GNUPGHOME=a gpg --quick-sign-key 2731E3B4CBF117A643974F874F6B2EC9F65A082C

pub  rsa3072/4F6B2EC9F65A082C
     created: 2022-06-08  expires: 2024-06-07  usage: SC  
     trust: unknown       validity: unknown
 Primary key fingerprint: 2731 E3B4 CBF1 17A6 4397  4F87 4F6B 2EC9 F65A 082C

     b@gmail.com

This key is due to expire on 2024-06-07.

+ echo 42
+ GNUPGHOME=a gpg --encrypt --recipient b@gmail.com --output c.gpg c
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   1  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   1  signed:   0  trust: 1-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2024-06-07
+ GNUPGHOME=b gpg --decrypt --output c2 c.gpg
gpg: encrypted with 3072-bit RSA key, ID 91653D9150F31E77, created 2022-06-08
      "b@gmail.com"
+ cat c2
42
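
The script certifies whatever key b.gpg contained, so the signature only means something if the fingerprint is compared with one B supplied over a separate channel. The following is an added example, not part of the original gist: the function names and the sample listing are constructed (the primary fingerprint and key IDs are taken from the run above, the subkey fingerprint and timestamps are made up).

```shell
#!/bin/sh
# Constructed sample of `gpg --fingerprint --with-colons` output for B's key.
sample_listing() {
cat <<'EOF'
tru::1:1654646400:1717718400:3:1:5
pub:-:3072:1:4F6B2EC9F65A082C:1654646400:1717718400::-:::scESC::::::23::0:
fpr:::::::::2731E3B4CBF117A643974F874F6B2EC9F65A082C:
uid:-::::1654646400::0000000000000000000000000000000000000000::b@gmail.com::::::::::0:
sub:-:3072:1:91653D9150F31E77:1654646400::::::e::::::23:
fpr:::::::::00000000000000000000000091653D9150F31E77:
EOF
}

# Print the fingerprint of each primary key in a colon listing on stdin.
# Only the fpr record that follows pub/sec counts; subkey fprs are skipped.
primary_fingerprints() {
    awk -F: '
        $1 == "pub" || $1 == "sec" { want = 1; next }
        $1 == "sub" || $1 == "ssb" { want = 0; next }
        $1 == "fpr" && want        { print $10; want = 0 }
    '
}

# Accept "2731 E3B4 ..." or lowercase input: drop spaces, uppercase hex.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'
}

# Read a colon listing on stdin and print the primary fingerprint only if
# exactly one key matched and it equals the out-of-band value in $1.
verified_fingerprint() {
    expected=$(normalize_fpr "$1")
    found=$(primary_fingerprints)
    count=$(printf '%s\n' "$found" | grep -c .)
    if [ "$count" -ne 1 ]; then
        echo "expected exactly one key, got $count" >&2
        return 1
    fi
    if [ "$found" != "$expected" ]; then
        echo "fingerprint mismatch: imported key is $found" >&2
        return 1
    fi
    printf '%s\n' "$found"
}

# In a.sh the check would sit in front of the signing step:
#   fpr=$(GNUPGHOME=a gpg --fingerprint --with-colons b@gmail.com |
#         verified_fingerprint "$expected_from_b") &&
#   GNUPGHOME=a gpg --quick-sign-key "$fpr"
sample_listing | verified_fingerprint '2731 E3B4 CBF1 17A6 4397  4F87 4F6B 2EC9 F65A 082C'
```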