Crypto, Certs, Digests, & All That

GNU Privacy Guard

Gnu Privacy Guard comes in two flavors: GnuPG2 (command gpg2, package gnupg2) and GnuPG (command gpg, package gnupg). GnuPG2 is the "modern" branch of GNU Privacy Guard, and GnuPG is the "classic" branch. There are differences in supported algorithms for public-key encryption, symmetric-key encryption, and hash functions. GnuPG2 also adds support for S/MIME and smart cards, gpg-agent, and a modular build with libgcrypt.

-> gpg2 --version 
gpg (GnuPG) 2.2.6
libgcrypt 1.8.2
Supported algorithms:
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

-> gpg --version
gpg (GnuPG) 1.4.22
Supported algorithms:
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

To list the public keys in your keyring:

-> gpg2 --homedir alice --list-public-keys
pub   rsa2048/4821DF647F864C58 2018-03-13 [C]
uid                 [ultimate] Alice
sub   rsa2048/45D7DFB60F009D55 2018-03-13 [E]
sub   rsa2048/D1CA5592A01F8FF9 2018-03-13 [S]

pub   ed25519/8400C46B86657827 2018-03-16 [C] [expires: 2019-03-16]
uid                 [  full  ] Bob
sub   cv25519/26F6803D1D3E2E41 2018-03-16 [E] [expires: 2019-03-16]
sub   ed25519/A10FF1BD3B1CE182 2018-03-16 [S] [expires: 2019-03-16]

To delete a public key:

-> gpg2 --delete-key E8E40FDE
pub  4096R/E8E40FDE 2010-01-19 Fedora (13) <>

Delete this key from the keyring? (y/N) y

You can omit the interactive confirmation like so:

-> gpg --batch --yes --delete-key "Fedora (12) <>"

To change the passphrase protecting your private key, use the passwd command from within the key editor:

-> gpg2 --edit-key Test
Secret key is available.

pub  2048R/4549D949  created: 2011-12-13  expires: never       usage: SC  
                     trust: ultimate      validity: ultimate
sub  2048R/4B121B1A  created: 2011-12-13  expires: never       usage: E   
[ultimate] (1). Test Key (A key for testing and trying GnuPG.)

gpg> passwd
Key is protected.

You need a passphrase to unlock the secret key for ...
Enter the new passphrase for this secret key.
gpg> quit
Save changes? (y/N) y

GPG Agent

GnuPG2's gpg-agent, a daemon, remembers a private key's passphrase during a login session. When gpg2 first needs a private key, gpg-agent prompts for the key. If another gpg2 process subsequently needs this key, gpg-agent quietly supplies the passphrase without additional prompting. For symmetric encryption, gpg-agent also handles prompting the user for a passphrase, but it does not record the passphrase.

gpg-agent's configuration file is ~/.gnupg/gpg-agent.conf.

Users don't start gpg-agent themselves (typically): If a GnuPG2 command needs the services of gpg-agent when the latter is not running, the command automatically starts the agent. (See: Invoking GPG-AGENT)

Package gnupg2 provides gpg-agent.

GNOME Keyring Agent

There are several related auto-start files (.desktop) in /etc/xdg/autostart with prefix "gnome-keyring-"; e.g., gnome-keyring-ssh.desktop.

Message Digests

The simple string "abc" (without enclosing quotation marks) is a convenient input to informally compare digest utilities (cf. NSRL Test Data):

-> echo -n abc > abc.txt
-> wc --bytes abc.txt 
3 abc.txt

Be careful to use option -n so that echo excludes a trailing newline, which it would append by default:

-> echo abc | wc --bytes

The notes below demonstrate several tools for computing digests of abc.txt.

You can use shasum (package perl-Digest-SHA) to compute SHA digests of a file or input stream, or Secure Hash Algorithm digests. It offers SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512224, and SHA-512256. For example:

-> shasum abc.txt 
a9993e364706816aba3e25717850c26c9cd0d89d  abc.txt
-> shasum --algorithm 1 abc.txt 
a9993e364706816aba3e25717850c26c9cd0d89d  abc.txt
-> shasum --algorithm 256 abc.txt 
ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad  abc.txt

You can similarly use GNU's sha1sum, sh224sum, sh256sum, sh384sum, and sh512 (package coreutils) instead:

-> sha1sum abc.txt 
a9993e364706816aba3e25717850c26c9cd0d89d  abc.txt
-> sha256sum abc.txt 
ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad  abc.txt

You can typically use these tool kits interchangeably because they produce the same output format when computing digests and expect the same input format when checking digests. For example:

-> shasum -a 512 abc.txt xyz.txt > abc-xyz.sha512
-> sha512sum --check abc-xyz.sha512 
abc.txt: OK
xyz.txt: OK

There are potential subtleties to be aware of, however. shasum offers a Universal Newlines mode and a BITS mode, but the GNU commands do not support these modes. And the GNU commands can optionally write and check the BSD-style formats, which shasum spurns.

You can use md5sum (package coreutils) to compute or check the MD5 digest of a file's contents:

-> md5sum abc.txt 
900150983cd24fb0d6963f7d28e17f72  abc.txt
-> md5sum abc.txt > abc.md5
-> md5sum --check abc.md5 
abc.txt: OK

Wikipedia's MD5 article notes that MD5 hashes are no longer secure and should be replaced by SHA-2 hashes.

You can use GnuPG's gpg2 command (package gnupg2) to compute multiple digests:

-> gpg2 --print-mds abc.txt 
abc.txt:    MD5 = 90 01 50 98 3C D2 4F B0  D6 96 3F 7D 28 E1 7F 72
abc.txt:   SHA1 = A999 3E36 4706 816A BA3E  2571 7850 C26C 9CD0 D89D
abc.txt: RMD160 = 8EB2 08F7 E05D 987A 9B04  4A8E 98C6 B087 F15A 0BFC
abc.txt: SHA224 = 23097D22 3405D822 8642A477 BDA255B3 2AADBCE4 BDA0B3F7 E36C9DA7
abc.txt: SHA256 = BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61
abc.txt: SHA384 = CB00753F 45A35E8B B5A03D69 9AC65007 272C32AB 0EDED163 1A8B605A
                  43FF5BED 8086072B A1E7CC23 58BAECA1 34C825A7
abc.txt: SHA512 = DDAF35A1 93617ABA CC417349 AE204131 12E6FA4E 89A97EA2 0A9EEEE6
                  4B55D39A 2192992A 274FC1A8 36BA3C23 A3FEEBBD 454D4423 643CE80E
                  2A9AC94F A54CA49F

If you're interested in just one digest, say SHA1, you can say so with option --print-md (not "mds") instead:

-> gpg2 --print-md sha1 abc.txt 
abc.txt: A999 3E36 4706 816A BA3E  2571 7850 C26C 9CD0 D89D

You can use OpenSSL's command dgst to compute various digests as well:

-> openssl dgst abc.txt
MD5(abc.txt)= 900150983cd24fb0d6963f7d28e17f72
-> openssl dgst -md5 abc.txt
MD5(abc.txt)= 900150983cd24fb0d6963f7d28e17f72
-> openssl dgst -sha1 abc.txt
SHA1(abc.txt)= a9993e364706816aba3e25717850c26c9cd0d89d

You have a dozen hashes to choose from:

 -> openssl list --digest-commands
blake2b512        blake2s256        gost              md2               
md4               md5               rmd160            sha1              
sha224            sha256            sha384            sha512            

Add option -r to get the output format that the GNU digests write:

-> openssl dgst -sha1 -r abc.txt
a9993e364706816aba3e25717850c26c9cd0d89d *abc.txt

The asterisk indicates binary-mode format, in particular.

GUI GtkHash displays multiple digests for a file; it offers over two-dozen algorithms. Open it with command gtkhash for GTK+2 (package gtkhash) or gtkhash3 for GTK+3 (package gtkhash3). There is no man page. For example:

-> gtkhash3 abc.txt &
[1] 4025

Select your desired algorithms under Edit → Preferences. Click the Hash button to see the digests. You can also save the computed values to a text file; say abc-digests.txt:

-> cat abc-digests.txt
# MD5
900150983CD24FB0D6963F7D28E17F72  abc.txt
# SHA1
A9993E364706816ABA3E25717850C26C9CD0D89D  abc.txt
# SHA224
23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7E36C9DA7  abc.txt
# SHA256
BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD  abc.txt
8EB208F7E05D987A9B044A8E98C6B087F15A0BFC  abc.txt
F3134348C44FB1B2A277729E2285EBB5CB5E0F29C975BC753B70497C06A4D51D  abc.txt

Plugins for Nautilus (package gtkhash-nautilus) and Thunar (gtkhash-thunar) add a Digests tab to a file's Properties dialog.