Tuesday, June 17, 2014

GEdit text signing

Besides GEdit text encryption, another useful functionality is text signing.

For instance, if a mail agent doesn't directly support encryption and signing, it's still possible to encrypt and sign messages using GEdit as a manual preprocessor. Naturally the keys will have to be present on both endpoints in order to decrypt and verify the message, but that's not hard with Seahorse. Of course, if the mail agent provides all of this built-in it will be much easier; nevertheless...

Let me start with a regular text file I wish to sign.
As you know this will allow me to later verify if someone has tampered with it.




I assume the following prerequisites have been fulfilled:

To sign all the text simply choose Edit | Sign on the GEdit main menu.


A small dialog will open asking for a key to use for signing.
After selecting the desired key click the OK button.
(In the figure below I masked my own key.)


If the key passphrase isn't cached by a GNOME keyring, you will be prompted for it before continuing. Note that there's a degree of asynchronism between the GNOME keyring prompt and the text encryption plugin operation in GEdit, so it's advisable to enter the passphrase promptly when asked.
 

If everything goes well GEdit will automatically refresh accordingly:


Note the * in front of the file name on the GEdit editor tab.
In order to confirm the changes the file must be saved.
Of course the file will grow a few more bytes:
  
NOTE
It's important to note that Nautilus will know nothing about the fact that the file has been signed. From its point of view it's a regular text/plain file.
NOTE
As long as the valid key is present on both the endpoints where the message is exchanged one can freely copy and paste the region
-----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA-1
...

-----END PGP SIGNATURE-----
NOTE
SHA-1 is now deprecated as vulnerable.
Until the expected SHA-3 is available, use SHA-512 instead.
Fear nothing: adjust the GnuPG defaults and regenerate the key.
Use RSA 4096 and SHA-512.
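To spot signed text that still declares a weak digest, such as the SHA-1 header shown above, the following added example (not part of the original post or of the GEdit plugin) reads the Hash header of a clearsigned block and recovers the signed text. The function name, the WEAK set and the sample message are assumptions made for illustration; the check reads only the declared header and does not verify the signature, which is still done with Edit | Decrypt/Verify.

```python
BEGIN = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG = "-----BEGIN PGP SIGNATURE-----"
# Digests flagged as weak (choice made for this example; the post names SHA-1).
WEAK = {"MD5", "SHA1"}

# Constructed sample; the signature body is a placeholder, not a real signature.
SAMPLE = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA-1

Meet at noon.
- --
Bob
-----BEGIN PGP SIGNATURE-----

(placeholder)
-----END PGP SIGNATURE-----
"""

def inspect_clearsigned(text):
    """Return (declared_hashes, weak_hashes, cleartext) for one clearsigned block."""
    lines = [l.rstrip() for l in text.splitlines()]
    try:
        start = lines.index(BEGIN)
        sig = lines.index(SIG, start)
    except ValueError:
        raise ValueError("not a clearsigned message") from None
    hashes, i = [], start + 1
    # Armor headers run up to the first empty line; only "Hash" is allowed here.
    while i < sig and lines[i]:
        key, _, value = lines[i].partition(":")
        if key.strip().lower() != "hash":
            raise ValueError("unexpected armor header: " + lines[i])
        # Accept both spellings: "SHA-1" as shown in the post and "SHA1".
        hashes += [h.strip().upper().replace("-", "") for h in value.split(",") if h.strip()]
        i += 1
    if not hashes:
        hashes = ["MD5"]  # RFC 4880: with no Hash header, MD5 is assumed
    # Undo dash-escaping: signed lines starting with "-" are stored as "- -...".
    body = [l[2:] if l.startswith("- ") else l for l in lines[i + 1:sig]]
    return hashes, [h for h in hashes if h in WEAK], "\n".join(body)

if __name__ == "__main__":
    declared, weak, cleartext = inspect_clearsigned(SAMPLE)
    print("declared:", declared, "weak:", weak)
    print(cleartext)
```
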
Naturally, to verify the message from within GEdit it's just as easy.
Choose Edit | Decrypt/Verify from the main menu.
You may be asked for the passphrase.
    
Upon success the following notification appears:


And that's all.