使用Gpg4win命令行使用公钥批量加密 [英] Batch encrypt with public key using Gpg4win command line

问题描述

我们正在建立我们的第一个EDI系统，该系统依赖于使用OpenPGP进行的传入和传出文件加密.使用我们的公钥加密的传入文件，我们可以使用Gpg4win的命令行选项使用私钥成功解密:

We are setting up our first EDI system that relies on incoming and outgoing file encryption using OpenPGP. The incoming files that are encrypted with our public key, we can successfully decrypt using our private key using Gpg4win's command line option:

gpg --batch --passphrase "SOME_KEY" --decrypt-files "%decryptingdir%\*.pgp"

我现在要做的是相反的操作，并使用我们的合作伙伴公钥对传出文件进行加密.

What I now need to do, is the reverse, and encrypt the outgoing files using our partners public key.

我无法找到使用公钥进行批处理加密的任何命令行文档.我以为是这样的:

I have been unable to find any command line documentation around batch encryption using a public key. I assumed it would be something in the order of:

gpg --batch --encrypt-files "%encryptingfir%\*.pgp" --key "SOME_KEY_PATH"

有人可以建议我如何通过命令行实现这种加密吗?

Can anyone advise how I can achieve this encryption via the command line?

推荐答案

使用--recipient选项表示要加密的密钥. GnuPG在选项和命令之间有所区别，而选项则应优先使用.

Use the --recipient option to denote keys to encrypt for. GnuPG has a distinction between options and commands, while options should better go first.

gpg --batch --recipient [key-id] --encrypt-files "%encryptingfir%\*.pgp"

GnuPG希望将密钥导入到钥匙串中，因此首先gpg --import [key-file].有使用--keyring [your-key-file]的黑客，但是简单地导入密钥文件是更安全的方法.

GnuPG expects keys to be imported to the keychain, so gpg --import [key-file] it first. There are hacks using --keyring [your-key-file], but simply importing the key file is the safer way to go.

对于脚本化/编程操作，最佳实践是始终表示完整指纹.阅读有关密钥ID冲突的信息，以了解密钥ID短的问题.

For scripted/programmed operations, best practice is to always denote the full fingerprint. Read about key ID collisions to understand the issues with short key IDs.

这篇关于使用Gpg4win命令行使用公钥批量加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！