Welcome to the Dash Forum!

Please sign up to discuss the most innovative cryptocurrency!

Basic Guide to PGP On Windows/PC (Kleopatra – Gpg4Win)

Discussion in 'Miscellaneous Dash Guides' started by tungfa, Feb 22, 2015.

  1. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,964
    Likes Received:
    6,737
    Trophy Points:
    1,283
    Basic Guide to PGP On Windows/PC (Kleopatra – Gpg4Win)

    http://www.deepdotweb.com/2015/02/21/pgp-tutorial-for-windows-kleopatra-gpg4win/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed: DeepDotWeb (Deep Dot Web)

    Part 0 – Introduction
    Here’s the final guide in my PGP basics series, this time focusing on Windows. The OS in question will be Windows 7, but it should work for Win8 and Win8.1 as well. Obviously it’s not recommended to be using Windows to access the DNM, but I wont go into the reasons here. The tool we’ll be using is GPG4Win.

    Part 1 – Installing the software
    Just like I said above, we’ll be using GPG4Win. If you’re curious, you can view the source code for it here.

    1. Head on over to https://gpg4win.org/download.html. We want the full version, so click ‘Gpg4win 2.2.3′ [​IMG]
    2. Save it, open it when it’s done downloading. If you have UAC enabled, click ‘Yes’ on the window that appears [​IMG]
    3. Choose your language, click ‘Ok’
    4. [​IMG]
    5. Click ‘Next’, then ‘Next’ again. You’ll now be at a screen asking what components you want to install. We’ll be selecting ‘Kleopatra’, ‘GpgEX’, and ‘Gpg4win Compendium’. Then click ‘Next’ [​IMG]
    6. It will ask where to install, just keep the default and click ‘Next’
    7. Now it’ll ask where you want to install shortcuts. Select whichever you want, click ‘Next’
    8. You can choose which Start Menu folder you want it installed in, just click ‘Next’
    9. It will now install, when done you should see this. Click ‘Next’, then ‘Finish’ [​IMG]
    Now you have the tools you need to get started with PGP

    Part 2 – Generating your keypair
    The next step is to generate your keypair so you can encrypt/decrypt messages. Like always, we’ll be going with 4096 bit RSA.

    1. Open up Kleopatra, you should be greeted with this beautiful screen [​IMG]
    2. Go to ‘File’, then ‘New Certificate…’ [​IMG]
    3. The Certificate Creation Wizard should pop up, click on ‘Create a personal OpenPGP key pair’ [​IMG]
    4. Now you’ll enter your details. Use your marketplace username as ‘Name’, and fill out the rest with whatever you want. You don’t need to use a real email. Check the picture for an example on how it should look [​IMG]
    5. Do not click ‘Next’ yet, we need to fill out some more details. Click ‘Advanced Settings…’, and another window should appear. Under ‘Key Material’, make sure ‘RSA’ is checked. In the drop down menu beside it, and select ‘4,096 bits’. Check the picture to confirm you have everything set correctly, then click ‘Ok’
    6. [​IMG]
    7. Confirm you filled out all of your info correctly, then click ‘Create Key’ [​IMG]
    8. Another window will pop up asking to enter a passphrase. Do so, then click ‘Ok’ [​IMG]
    9. It will now generate your key. It will need you to do random things to create entropy. Mash keys, wiggle the mouse, watch porn, download torrents, whatever [​IMG]
    10. Your key is now created. Go ahead and click ‘Finish’ [​IMG]
    Part 3 – Obtaining your public key
    Now we need to get your public key, without it vendors wont be able to send you secure messages.

    1. Right click on your key, then click ‘Export Certificates…’ [​IMG]
    2. Browse where you want to save, give it a name, then click ‘Save’
    3. Open your favourite text editor, browse to where the file is saved. You may have to select ‘All files’ from the dropdown menu. Click the file you saved, then open [​IMG]
    4. There’s your public key [​IMG]
    Remember to add your public key to your market profile so people can message you easier!

    Part 4 – Obtaining your private key
    Just as easy as obtaining your public key

    1. Right click on your key, select ‘Export Secret Keys…’ [​IMG]
    2. Select where you want it saved, give it a name, check ‘ASCII armor’, and click ‘Ok’ [​IMG]
    3. You now have your private key
    4. [​IMG]
    Remember to keep this in a safe place, and never share it!
     
    #1 tungfa, Feb 22, 2015
    Last edited by a moderator: Feb 22, 2015
    • Like Like x 2
  2. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,964
    Likes Received:
    6,737
    Trophy Points:
    1,283
    Part 5 – Importing a public key
    It’s impossible to send a vendor an encrypted message without their public key.

    1. Find a public key you want to import
    2. Copy everything from ‘—–BEGIN PGP PUBLIC KEY BLOCK—–‘ to ‘—–END PGP PUBLIC KEY BLOCK—‘, see the picture for an example [​IMG]
    3. In your task bar, right click on the Kleopatra icon, go to ‘Clipboard’, then click ‘Certificate Import’ [​IMG]
    4. If it worked, you should see a window pop up, click ‘Ok’ [​IMG]
    5. You should now see the imported key in Kleopatra under the ‘Other Certificates’ tab [​IMG]
    Thanks again Alan!

    Part 6 – Importing your private key
    Simple stuff.

    1. Go to ‘File’, then click ‘Import Certificates…’
    2. [​IMG]
    3. Browse to where your private key is, select it, then click ‘Open’
    4. [​IMG]
    5. It will import your private key, and pop up a window to confirm. Click ‘Ok’
    6. [​IMG]
    7. You should now see your key information under the ‘My Certificates’ tab [​IMG]
    Part 7 – Encrypting a message
    Now that we’re ready to go, lets go ahead and send a message.

    1. Open up your text editor of choice
    2. Type out your message, select it all, and copy it
    3. [​IMG]
    4. In your task bar, right click on the Kleopatra icon, go to ‘Clipboard’, then click ‘Encrypt…’
    5. [​IMG]
    6. This gorgeous window will open. Click ‘Add Recipient…’
    7. [​IMG]
    8. Another window will appear. Click the ‘Other Certificates’ tab, then select who you want to send your message to, then click ‘Ok’. [​IMG]
    9. You should be back at the previous window with the recipient listed. Click ‘Next’ [​IMG]
    10. If all went well, you should see this window. Click ‘Ok’
    11. [​IMG]
    12. Your encrypted message will be in your clipboard, all you need to do is paste it into the message box and send [​IMG]
    Part 8 – Decrypting a message
    This is just as easy as encrypting.

    1. Copy everything that was sent
    2. [​IMG]
    3. In your task bar, right click on the Kleopatra icon, go to ‘Clipboard’, then click ‘Decrypt/Verify…’
    4. [​IMG]
    5. A window will pop up asking for your passphrase, enter that then click ‘Ok’
    6. [​IMG]
    7. A window should pop up verifying it was decrypted, and copied to your clipboard. Click ‘Finish’
    8. Open your text editor of choice, and paste your message
    9. [​IMG]
    Part 9 – Conclusion
    I’m hoping this was in depth enough for you Windows users out there. PGP can seem complicated at first, but with an hour or two of your time you can see it’s actually pretty simple. There’s obviously more behind it, and different tools that can be used, but we might save that for another time. Stay safe everyone! Encrypt all messages!
     
    #2 tungfa, Feb 22, 2015
    Last edited by a moderator: Feb 22, 2015
    • Like Like x 1
  3. Voluntary

    Voluntary Member

    Joined:
    May 14, 2016
    Messages:
    109
    Likes Received:
    37
    Trophy Points:
    78
    Dash Address:
    XivwUmSu5davqhqc3BX1j4w6dskzNFihQQ
    Wonderful. But where is the public key that I can use to verify the PGP signature of the Dash wallet software I just downloaded?
     
  4. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,637
    Likes Received:
    3,536
    Trophy Points:
    1,183
    • Like Like x 1
  5. CarlosMedina

    CarlosMedina New Member

    Joined:
    May 6, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    That is the best tutorial on GPG4win I have found. I have printed it and read it many times.
    For me there is only one thing missing: How to verify the integrity of a downloaded software using the .sig file and the certificate.

    Can you please add this or explain how to do it ?
    Thanks so much