PGP Module Overview
- Updated on 05 Mar 2019
This tutorial demonstrates how to use the PGP (Pretty Good Privacy) Module Steps in Decisions. PGP is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, emails, files, directories, and whole disk partitions. It can also be used to increase the security of email communications and to send messages confidentially. The PGP Module steps combine symmetric key encryption and public key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key, or session key, is used only once. The message and its session key are sent to the receiver; the session key must be sent so that the receiver knows how to decrypt the message. The session key is protected during transmission by encrypting it with the receiver's public key. The encrypted session key can only be decrypted with the receiver's private key.
- Note: This Module must be installed before it is available within Decisions. Links are attached at the bottom of the page.
- Note: The PGP Module in Decisions cannot be used to generate PGP public and private keys. The PGP Module may be used for building workflows to encrypt or decrypt messages or files. Therefore, the public and private keys for the PGP steps in Decisions should be generated with third-party systems.
The PGP Module Steps can digitally sign a file. This module can verify that a message is authentic. A user signs a file with a private key, and the signature is then used to verify the file. The PGP Module includes eight different steps that enable the designer to encrypt, decrypt and sign files. This document describes each step and how to configure it.
PGP Module Steps
Public Key: Locks the message and converts the key into an encrypted file.
Private Key: Unlocks the encrypted file key and converts the message back into plain text.
- Clear Sign File - Digitally signs a file using a private key, but keeps the file contents in plain text.
- Decrypt File - Uses a private key to convert an encrypted file into plain text.
- Decrypt String - Uses a private key to convert an encrypted string into plain text.
- Encrypt File - Uses a public key to convert a plain text file into an encrypted file.
- Encrypt String - Uses a public key to encrypt a plain text string.
- Sign and Encrypt File - Uses a private key to digitally sign a file and a public key to encrypt it.
- Sign File - Uses a private key to digitally sign a file. The file is not in plain text, so a Decrypt File step is needed to read it.
- Verify File - Uses a public key to verify that the digital signature on a file is authentic.
The sections below describe the PGP Module Steps in more detail and explain an example of each step's settings.
1. Clear Sign File
On the Clear Sign File Step, the algorithm input creates a signature. The Inputs provide options to input data and upload a private key. The image displays how this step is used in a flow.
On the Clear Sign File step, in the Inputs section, next to algorithm choose Constant and select MD5. Next to data, choose Select From Flow and pick test file Contents.
Part 2: On the Clear Sign File step, next to Output File Name choose Constant and enter the Output File Name (clear signed.txt). Next to private Key Password, choose Constant and enter the key in the text box (Figure 20).
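A clear-signed file keeps its contents readable and records the digest chosen in the algorithm input in a Hash header, so the output can be inspected without any key. The following is an added example, not Decisions code: it assumes the step writes the standard OpenPGP cleartext signature format (RFC 4880, section 7), and `parse_clearsigned`, `WEAK_DIGESTS` and the sample text are constructed for illustration.

```python
# Added example: read the header and text of an OpenPGP clear-signed message
# (RFC 4880, section 7). It does not verify the signature itself.
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
WEAK_DIGESTS = {"MD5", "SHA1"}   # digests with practical collision attacks

def parse_clearsigned(text):
    """Return the declared digests, the weak ones among them, and the signed text."""
    lines = text.replace("\r\n", "\n").split("\n")
    if lines[0] != BEGIN_MSG or BEGIN_SIG not in lines:
        raise ValueError("not a clear-signed message")
    sig_at = lines.index(BEGIN_SIG)
    # Armor headers run from line 1 up to the first empty line.
    blank = next((n for n in range(1, sig_at) if not lines[n].strip()), None)
    if blank is None:
        raise ValueError("no empty line between headers and text")
    digests = []
    for header in lines[1:blank]:
        name, _, value = header.partition(":")
        if name.strip() != "Hash":
            raise ValueError("unexpected armor header: %r" % header)
        digests += [d.strip().upper() for d in value.split(",") if d.strip()]
    # RFC 4880: with no Hash header at all, MD5 is the implied digest.
    digests = digests or ["MD5"]
    # Undo dash-escaping: a text line starting with "-" is stored as "- " + line.
    body = [l[2:] if l.startswith("- ") else l for l in lines[blank + 1:sig_at]]
    return {"digests": digests,
            "weak": sorted(set(digests) & WEAK_DIGESTS),
            "text": "\n".join(body)}

# Constructed sample in the shape of a Clear Sign File output with MD5 selected;
# the signature block is a placeholder, not a real signature.
SAMPLE = "\n".join([
    BEGIN_MSG,
    "Hash: MD5",
    "",
    "test file contents",
    "- -- this line began with a dash",
    BEGIN_SIG,
    "",
    "(placeholder)",
    "-----END PGP SIGNATURE-----",
])

if __name__ == "__main__":
    print(parse_clearsigned(SAMPLE))
```

A non-empty `weak` list means the signature rests on a digest that should be replaced in the algorithm input.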
2. Decrypt File
This Decrypt File Step takes in the encrypted file output and uses the private key password to unlock the private key. The Decrypt File step then uses the private key to decrypt the encrypted file. The private key has already been uploaded as a constant on this step. Once the private key has been unlocked with its password, the step outputs the decrypted file.
On the Decrypt File Step, in the Inputs section, next to file choose Select From Flow and pick the Encrypt Files Output (Figure 4).
3. Decrypt String
The Decrypt String Step takes in the data from the Encrypted String output and uses the private Key Password to unlock the private key string. After the private key is unlocked, the message is decrypted into a plain text string.
On the Decrypt String step, in the Inputs section, next to data choose Select From Flow and choose the output from the Encrypt String Step. Next to the Private Key Password, select Constant and enter the private key. This example uses the word "test". Next to Private Key String, choose Merge Plain Text, then select Show Editor to view the string.
The image below shows a Merge Text Editor with the unlocked Private Key String.
- Decrypt String (Private Key String) - After Show Editor is selected, the Merge Text Editor opens and displays the private key (test) as a string.
4. Encrypt File
The Encrypt File Step takes in data contents and encrypts the message. Use the public Key option to assign the encrypted message a public Key. On the Encrypt File step, next to public Key, set it as a Constant to upload a file.
On the Encrypt File step in the Inputs section, next to binary select Constant. Next to data choose Select From Flow.
5. Encrypt String
The Encrypt String Step takes in data and encrypts it into a string with a public Key String. The step allows you to view the public Key String in plain text.
On the Encrypt String step, set the data to Constant and give the input data a name (Test). Next to Public Key String, set the type to Merge Plain Text and then select Show Editor. The Show Editor text box will have an encrypted string for the data name (Test). The output defaults to Rename and already has an output name in the text box.
- Encrypt String (Public Key String)
After Show Editor is selected, the Public Key string will show in the Merge Text Editor.
6. Sign and Encrypt File
On the Sign and Encrypt File Step, in the inputs section, next to algorithms choose Constant and select the algorithm type from the drop-down. Next to binary, choose Constant and leave the checkbox empty. Next to data, choose Select From Flow and pick the test file contents. Next to internal File Label, choose Constant and enter (test label). Finally, next to Output File Name, choose Constant and enter signed and encrypted.txt.
Continuing on the Sign and Encrypt File Step, next to Private Key choose Constant and upload your key. Next to Private Key Password, choose Constant and enter the private Key password (test). Next to public Key, select Constant. Next to with Integrity Check, choose Constant and check the checkbox. In the Output section, next to outputs choose Rename and make sure the Encrypt File_Output string is present, or add it.
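The structure described in the overview (a one-time session key wrapped for the receiver and sent together with the symmetrically encrypted message) is visible in the packet layout of an encrypted OpenPGP file, and so is the effect of the with Integrity Check input. The following is an added example, not Decisions code: it assumes the step writes standard RFC 4880 packets, that the input is binary (not ASCII-armored) output, and that with Integrity Check selects the integrity-protected data packet; `read_packets`, `describe` and the sample bytes are constructed for illustration.

```python
# Added example: list the top-level OpenPGP packets (RFC 4880, section 4.2).
TAGS = {1: "Public-Key Encrypted Session Key",
        9: "Symmetrically Encrypted Data",
        18: "Symmetrically Encrypted Integrity Protected Data"}

def read_packets(blob):
    """Return [(tag, body), ...] for each top-level packet in blob."""
    packets, i = [], 0
    while i < len(blob):
        first, i = blob[i], i + 1
        if not first & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if first & 0x40:                       # new-format header
            tag, o1 = first & 0x3F, blob[i]
            if o1 < 192:                       # one-octet length
                length, i = o1, i + 1
            elif o1 < 224:                     # two-octet length
                length, i = ((o1 - 192) << 8) + blob[i + 1] + 192, i + 2
            elif o1 == 255:                    # five-octet length
                length, i = int.from_bytes(blob[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body lengths are not handled here")
        else:                                  # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            n = (1, 2, 4, 0)[ltype]            # length octets; type 3 runs to the end
            length = int.from_bytes(blob[i:i + n], "big") if n else len(blob) - i
            i += n
        if i + length > len(blob):
            raise ValueError("truncated packet")
        packets.append((tag, blob[i:i + length]))
        i += length
    return packets

def describe(blob):
    """Summarise the hybrid structure: wrapped session key(s), then the data."""
    packets = read_packets(blob)
    tags = [tag for tag, _ in packets]
    return {
        "packets": [TAGS.get(tag, "tag %d" % tag) for tag in tags],
        # A version 3 session-key packet names the recipient key in octets 1..8.
        "recipient_key_ids": [body[1:9].hex() for tag, body in packets
                              if tag == 1 and body[:1] == b"\x03"],
        "integrity_protected": 18 in tags and 9 not in tags,
    }

# Constructed sample: dummy key ID and ciphertext bytes, not real key material.
PKESK = b"\x03" + bytes.fromhex("0123456789abcdef") + b"\x01\x00\x10\xaa\xbb"
PROTECTED = bytes([0xC1, len(PKESK)]) + PKESK + bytes([0xD2, 5]) + b"\x01\xde\xad\xbe\xef"
LEGACY = bytes([0xC1, len(PKESK)]) + PKESK + bytes([0xA4, 4]) + b"\xde\xad\xbe\xef"
```

An output whose data packet is tag 9 rather than tag 18 carries no modification detection, which is what `integrity_protected` reports.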
7. Sign File Step
The Sign File Step uses a private key to digitally sign a file. This Step outputs a signed text file and then a Decrypt File Step is needed to decrypt and read the file.
On the Create Sign File Step, in the inputs section, next to algorithm choose Constant. Next to binary, choose Constant. Next to data, choose Select From Flow, and enter the test file Contents. Next to internal File Label, choose Constant and enter a name in the text field. Next to Output File Name
Part 2 Sign File Step
On the Sign File step, next to private key choose Constant. Next to private Key Password, choose Constant and enter the Key in the text box.
8. Verify File
The Verify File Step takes in the output data and then uses the public key to verify that the digital signature is authentic.
On the Verify File Step, in the Inputs section, next to data choose Select From Flow and pick the SignFile Output Contents. Next to sender Public Key, choose Constant and add the File.