@seangeleno
Forked from TheFox/gpg.md
Last active March 17, 2018 20:05
Creating the perfect GPG keypair
#!/usr/bin/env bash
# Original: https://alexcabal.com/creating-the-perfect-gpg-keypair/
KEY=xyz
DATE=$(date +"%Y%m%d")
SCRIPT_BASEDIR=$(dirname "$0")
cd "$SCRIPT_BASEDIR" || exit 1
echo "This script is not for use in automation"
echo "Use it step by step"
exit 1
# Generate
gpg --gen-key
# (1) RSA and RSA (default)
# 0 = key does not expire
# Strengthening Hash Preferences
gpg --edit-key $KEY
# Supported algorithms:
# Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
# Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
# Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
# Compression: Uncompressed, ZIP, ZLIB, BZIP2
# setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
# save
# Add subkey
gpg --edit-key $KEY
# addkey
# (4) RSA (sign only)
# 0 = key does not expire
# save
# Export Public Key
gpg -a -o ${KEY}_${DATE}.public.asc --export $KEY
# Export Private Key
gpg -a -o ${KEY}_${DATE}.private.asc --export-secret-keys $KEY
# Creating Revocation Certificate
gpg -a -o ${KEY}_${DATE}.revoccert.asc --gen-revoke $KEY
# Integrity check
shasum -a 256 -b ${KEY}_${DATE}.public.asc ${KEY}_${DATE}.private.asc ${KEY}_${DATE}.revoccert.asc > ${KEY}_${DATE}.sha256sum
# Transforming your master key pair into your laptop key pair
# Export all of the subkeys
gpg -a -o ${KEY}_${DATE}.subkeys.asc --export-secret-subkeys $KEY
# Delete the secret key (master and subkeys) from the keyring; the subkeys are re-imported below
gpg --delete-secret-key $KEY
# Import subkeys
gpg --import ${KEY}_${DATE}.subkeys.asc
#rm ${KEY}_${DATE}.subkeys.asc
#shred --remove ${KEY}_${DATE}.subkeys.asc
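# Symmetric
# Note: a passphrase given with --passphrase is visible in the process list;
# --passphrase-file or --passphrase-fd avoid that. GnuPG 2.1+ also needs
# --pinentry-mode loopback for --passphrase to take effect.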
gpg --no-tty --batch --passphrase supersecret --cipher-algo AES256 -c file.txt
gpg --no-tty --batch --passphrase supersecret -d -o file.txt file.txt.gpg
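
After the "Transforming your master key pair" steps, the keyring should hold the master secret key only as a stub while the secret subkeys stay usable. The check below is an added example, not part of the gist; it assumes the colon-listing layout from GnuPG's doc/DETAILS (field 15 is `#` for a stub), and the function name and sample listings are constructed.

```shell
# Added example (not from the gist). Field numbers follow GnuPG's doc/DETAILS:
# field 12 = capabilities, field 15 = "#" when the secret part is only a stub.

# Reads `gpg --list-secret-keys --with-colons` output on stdin.
# Exit status: 0 = every master key is a stub and a secret subkey is usable,
#              1 = master secret key material is still in the keyring,
#              2 = no sec record, or no usable secret subkey.
check_laptop_keyring() {
  awk -F: '
    $1 == "sec" {
      masters++
      if ($15 != "#") present++
      printf "master %s caps=%s %s\n", $5, $12, ($15 == "#" ? "stub" : "PRESENT")
    }
    $1 == "ssb" {
      if ($15 != "#") usable++
      printf "subkey %s caps=%s %s\n", $5, $12, ($15 == "#" ? "stub" : "usable")
    }
    END {
      if (!masters) exit 2
      if (present)  exit 1
      if (!usable)  exit 2
      exit 0
    }'
}

# Constructed sample listings (key IDs, dates and user ID are made up).
SAMPLE_LAPTOP='sec:u:4096:1:AAAAAAAAAAAAAAAA:1521316800:::u:::scESC:::#:::23::0:
uid:u::::1521316800::0000000000000000000000000000000000000000::Example User <user@example.invalid>::::::::::0:
ssb:u:4096:1:BBBBBBBBBBBBBBBB:1521316800::::::e:::+:::23:
ssb:u:4096:1:CCCCCCCCCCCCCCCC:1521316800::::::s:::+:::23:'

SAMPLE_FULL='sec:u:4096:1:AAAAAAAAAAAAAAAA:1521316800:::u:::scESC:::+:::23::0:
ssb:u:4096:1:BBBBBBBBBBBBBBBB:1521316800::::::e:::+:::23:'

# Demo on the constructed laptop listing. Against a real keyring:
#   gpg --list-secret-keys --with-colons "$KEY" | check_laptop_keyring
printf '%s\n' "$SAMPLE_LAPTOP" | check_laptop_keyring
```

A non-zero exit status after the import step means the master secret key is still on the machine or no secret subkey was imported.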