summaryrefslogtreecommitdiffstats
path: root/wiki/src/doc/encryption_and_privacy/gpgapplet/decrypt_verify.mdwn
blob: 4d777a8809527f3253172e71cbb7ef45dce9813b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
[[!meta title="Decrypt or verify a text created using OpenPGP Applet"]]

With <span class="application">OpenPGP Applet</span> you can
**decrypt text that is encrypted using OpenPGP** or **verify text that
is signed using OpenPGP**.

1. Select with the mouse the encrypted text that you want to decrypt or
the signed text that you want to verify. Include the lines “*-----BEGIN
PGP MESSAGE-----*“ and “*-----END PGP MESSAGE-----*”.

   To copy it into the [[!wikipedia Clipboard_(computing)
   desc="clipboard"]], right-click on the selected text and choose <span
   class="guimenuitem">Copy</span> from the menu.

2. If the text that you selected is encrypted, <span
class="application">OpenPGP Applet</span> now shows a padlock, meaning that
the clipboard contains encrypted text:
[[!img gpgapplet_with_padlock.png link="no" class="symbolic-22" alt=""]]

   If the text that you selected is only signed, but not encrypted,
   <span class="application">OpenPGP Applet</span> now shows a seal, meaning
   that the clipboard contains signed text:
   [[!img gpgapplet_with_seal.png link="no" class="symbolic-22" alt=""]]

3. Click on <span class="application">OpenPGP Applet</span> and select <span
class="guimenuitem">Decrypt/Verify Clipboard</span> from the menu.

4. If the text that you selected is only signed and the signature is
valid, the <span class="guilabel">GnuPG results</span> window described
in step 6 appears directly.

   If the text is signed and the signature is invalid, a <span
   class="guilabel">GnuPG error</span> message appears that mentions
   <span class="guilabel">BAD signature from…</span>.

   If the text is encrypted with a passphrase, the <span
   class="guilabel">Enter passphrase</span> dialog box appears. Enter
   the passphrase that has been used to encrypt the text and click <span
   class="guilabel">OK</span>.

   If the text is encrypted using public-key cryptography, two different
   dialog boxes can appear.

   a. If the passphrase for the corresponding private key is not already cached
   in memory, a dialog box appears with the following message: <span
   class="guilabel">You need a passphrase to unlock the secret key for
   user</span>. Enter the passphrase for this secret key and click <span
   class="guilabel">OK</span>.

   b. If no secret key for which the text is encrypted is available in
   your keyring, a GnuPG error message appears that mentions <span
   class="guilabel">decryption failed: secret key not available</span>.

5. If the passphrase provided in step 4 is incorrect, a <span
class="guilabel">GnuPG error</span> message appears that mentions <span
class="guilabel">decryption failed: bad key</span>.

6. If the passphrase provided in step 4 is correct, or if the signature
of the text is valid, or both, a <span class="guilabel">GnuPG
results</span> window appears.

   The decrypted text appears in the <span class="guilabel">Output of GnuPG</span> text box.

   In the <span class="guilabel">Other messages provided by GnuPG</span>
   text box, the message <span class="guilabel">Good signature
   from…</span>, confirms that the signature of the text is valid.

<div class="tip">

To store your GnuPG keys and configuration across separate working sessions,
you can activate the [[<span class="guilabel">GnuPG</span> persistence
feature|doc/first_steps/persistence/configure/#gnupg]].

</div>