# GPG (GNU Privacy Guard)

GPG is a free-software replacement for Symantec's PGP cryptographic software suite.

### Decrypt <a href="#decrypt" id="decrypt"></a>

#### 1. Crack Passphrase from Private Key <a href="#id-1-crack-passphrase-from-private-key" id="id-1-crack-passphrase-from-private-key"></a>

* **gpg2john**

  First of all, you need to format the private key to make the John to recognize it.

  ```shellscript
  gpg2john private.key > key.txt
  gpg2john private_key.asc > key.txt
  gpg2john private_key.sig > key.txt
  ```

  Crack the passphrase using the formatted text.

  ```
  john --wordlist=wordlist.txt key.txt
  ```
* **custom script**

  If you cannot crack the passphrase using gpg2john for some reasons (error, etc), you can use [the script](https://github.com/felip091837/gpg-crack/blob/master/crackgpg.sh) as alternative.

  ```shellscript
  ./crackgpg.sh example.gpg passwords.txt
  ```

#### 2. Import the Private Key <a href="#id-2-import-the-private-key" id="id-2-import-the-private-key"></a>

```shellscript
gpg --import private.key
gpg --import private_key.asc
gpg --import private_key.sig
```

To list the imported keys,

```shellscript
gpg --list-keys
gpg --list-secret-keys
```

#### 3. Decrypt GPG (PGP) using the Passphrase <a href="#id-3-decrypt-gpg-pgp-using-the-passphrase" id="id-3-decrypt-gpg-pgp-using-the-passphrase"></a>

At that time, you'll be asked for the passphrase, so enter the passphrase you gotten in the previous section.

```shellscript
# -d: decrypt
gpg -d example.gpg
gpg -d example.pgp
```

<br>

### Decrypt ASC File <a href="#decrypt-asc-file" id="decrypt-asc-file"></a>

We can decrypt **`.asc`** file by importing private key.

```shellscript
gpg --import private.key
gpg --decrypt example.asc
```

### Encrypt <a href="#encrypt" id="encrypt"></a>

We can encrypt a message using a PGP public key.

#### 1. Import a Public Key <a href="#id-1-import-a-public-key" id="id-1-import-a-public-key"></a>

If we have already a public key, we can import it by the following command.

```
gpg --import public_key.asc
```

To list public keys, run the following command.

```
# -k / --list-keys / --list-signatures
gpg -k
```

#### 2. Encrypt a Message <a href="#id-2-encrypt-a-message" id="id-2-encrypt-a-message"></a>

If the public key was added, we can encrypt a message using it.

```shellscript
# -e: Encrypt
# -r: Recipient name
gpg -e -r "recipient name" example.txt

# -c: Encrypt only with symmetric cipher
gpg -c example.txt

# --cipher-algo: Encryption type
gpg --cipher-algo AES-256 -c example.txt
```

After that, `hello.txt.gpg` will be generated.

### Sign <a href="#sign" id="sign"></a>

To sign a message with GPG, of course we need to GPG keys.\
We can generate a public/secret key by running the command below.

```shellscript
gpg --gen-key

# Output
Real name: test
Email address: test@test.com
```

To display the contents of the public key, run the following command.

```shellscript
# -a: Ascii armored output
# --export: Export keys
# <key_name>: Optional. If you want to specify the key, specify the name.
gpg -a --export <key_name>

# Output the public key file
gpg -a -o public.key --export
```

After that, we can sign a message using the public key. At this time, we’re asked for a passphrase, so we need to enter it.

```shellscript
echo 'hello' | gpg --clear-sign
```

### Delete Keys <a href="#delete-keys" id="delete-keys"></a>

First off, we can list existing keys as below.

```shellscript
# List public keys
gpg --list-keys
# List secret keys
gpg --list-secret-keys
```

To delete specific key, run the following commands.

```shellscript
# Delete a public key
gpg --delete-key <key_id>
# e.g.
gpg --delete-key D6BA9423021A0839CCC6F3C8C61D429110B625D4

# Delete a secret key
gpg --delete-secret-key <key_id>
# e.g.
gpg --delete-secret-key D6BA9423021A0839CCC6F3C8C61D429110B625D4
```