User:Tim Starling/Gpg4win tutorial

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Gpg4win is a package of open source utilities for key management, encryption and decryption. It can be used for email encryption in conjunction with web-based email or any other email client.

This tutorial can be moved to the Wikipedia namespace if that is deemed appropriate.

Installation

Go to http://www.gpg4win.org/download.html
Download the full version
Run the file and follow the prompts to install it

Key generation

Start "Kleopatra"
Click File > New Certificate > Create a personal OpenPGP key pair
Enter your name and email address, leave the comment blank. Note that the email address you give will be made public.
Click Next
Click "Create key"
Enter a passphrase. This will be used to encrypt the private key on your hard drive.

Publish public key

In the main window, right-click on the key you just generated and click "Export certificates".
Save it somewhere on your hard drive with a .txt extension.
Open the file in notepad or whatever.
The key should start with

-----BEGIN PGP PUBLIC KEY BLOCK-----

Note that it says PUBLIC. If it says "private", you did something wrong. Don't publish your private key.

Paste the text from the file into Wikipedia while you are logged in, say as a user subpage, or in an HTML comment or collapsed box on your user page (e.g. by enclosing it {{PGP top}}/{{PGP bottom}}).

Receiving encrypted email

An encrypted message looks like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

hQIOA5iUCyMfX/D2EAgAhikRs40xo05gNu9XSIO2jrjTIShwfWK2d7+9xlv9UjDN
...
-----END PGP MESSAGE-----

Copy the message including the BEGIN line and the END line. You can omit anything outside those lines, such as advertisements.
Paste it into notepad. Save it to a file.
In Kleopatra, click "Decrypt/Verify Files" in the toolbar.
Select the encrypted message file that you just saved.
Click "Decrypt/Verify"
If everything worked, a file should have been created in the directory you selected, containing the decrypted message.

Importing a public key

Go to the user's user page, find their key.
Go to the page history, find the revision where the key was added. Make sure the correct user added it.
Go to the old revision.
Copy the key out of the old revision, paste it into a text file using notepad.
Save it to a file, with extension ".gpg". This may be difficult if you have Windows configured to hide file extensions.
In Kleopatra, click File > Import Certificates
Choose the .gpg file you saved.
Click "OK" when it tells you the import was successful.

Sending encrypted email

Save the text you want to send in a text file, say using notepad
In Kleopatra, click "Sign/Encrypt Files"
Select the file with the message you want to send
Uncheck "Archive file with..."
Check "Text output (ASCII armor)"
Click Next
Click on your own certificate, click "Add". Then click the certificate of the person you want to send the message to, and click "Add" again.
Click Next
Under "OpenPGP Signing Certificate", select your own certificate, if it's not selected already.
Click "Sign and Encrypt".
A file will be created which contains the text you need to send. Open the file and paste it into an email.
Note that the subject line of the email is not encrypted. Don't put private information in the subject line.