Panel | ||||
---|---|---|---|---|
|
Disclaimer
Your use of this download is governed by Stonebranch’s Terms of Use, which are available at Terms Of Use.
Version Information
Template Name | Extension Name | Version |
---|---|---|
GnuPG | ue-gnupg | 1.0.0 |
Refer to Changelog for version history information.
Overview
GnuPG (GPG) is a command line tool implementing the OpenPGP standard. GPG allows for encryption , decryption and signing of data and communications. This integration provides the capability to perform file encryption and decryption, based on GnuPG.
Key Features
Feature | Description |
---|---|
Encrypt | Encrypt files based on file patterns, and optionally sign the encrypted file. |
Decrypt | Decrypt files based on file patterns, and optionally verify signature. |
Keystore Options | PGP keys can be retrieved from either a local keystore stored on the Universal Agent environment, or from a UDMG based keystore. |
Software Requirements
This integration requires a Universal Agent and a Python runtime to execute the Universal Task.
...
Encrypt a single file or multiple files given a file pattern. Optionally sign the encrypted file(s). Public key for encryption and Private Key for signing, are retrieved from the keystore stored in the locally running GnuPG tool, though fields ‘Local Key' and 'Private Key For Signing' respectively.
Configuration examples
Encrypt and sign a single file, using keys from a keyring file on the local GPG. User Scenario: Retrieve the single file "finance_report.csv", and encrypt it in ASCII format, using PGP key that exists on a local GPG keyring file, stored in /home/.gnupg directory. After the encryption is completed, sign the encrypted file. Allow the integration to overwrite any existing encrypted file with the same name. | Encrypt and sign multiple files matching a pattern, using keys stored in the default keyring of the local GPG. User Scenario: Retrieve all matching files based on filename pattern "finance_2*.csv", and encrypt it in ASCII format, using PGP key that exists on the default keyring of the local GPG. After the encryption is completed, sign the encrypted files. The task instance will fail if no matching files are found. It will also stop its execution on the first encryption error. To be proactive, the environment variable 'UE_GNUPG_VERBOSE_OUTPUT' will provide additional information on the STDOUT. |
Action Output
Output Type | Description | Example | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
EXTENSION | The extension output provides the following information:
|
| |||||||||||||||||||||
STDOUT | Display in STDOUT all GPG tool verbose information when ‘UE_GNUPG_VERBOSE_OUTPUT’ environment variable is true/True. |
|
...
Encrypt a single file or multiple files given a file pattern. Optionally sign the encrypted file(s). Public key for encryption and Private key for signing, are retrieved from a UDMG server, though fields ‘UDMG Key Name' and 'UDMG Private Key For Signing' respectively.
Configuration examples
Encrypt and sign a single file, using keys stored on a UDMG server. Retrieve the single file "finance_report.csv", and encrypt it, using PGP key that exists on a UDMG server. After the encryption is completed, sign the encrypted file. PGP Keys will temporarily be stored on the local GPG, and removed as soon the task instance is completed. Allow the integration to overwrite any existing encrypted file with the same name. | Encrypt multiple files, using keys stored on a UDMG server. Retrieve all matching files based on filename pattern "finance_2*.csv", and encrypt them, using a PGP key that exists on the default keyring of the local GPG. The task instance will fail if no matching files are found. It will stop its execution on the first encryption error, and will skip to encrypt a file if there is an existing one with the same name encrypted. |
Action Output
Info |
---|
Action Output is the same as described in Action Encrypt With Local Keystore. |
...
Decrypt a single file or multiple files given a file pattern. Optionally verify the signature of a signed and encrypted file. Private key for decryption is retrieved from local GPG keystore, through field 'Local Key'.
Configuration examples
Decrypt single file using private key stored in local GPG keystore and verify the signature. Retrieve single file and decrypt it, using a PGP key that exists on the local GPG keystore. After the decryption is completed, verify the file has been signed by ‘admin.finance@example.com'. The task instance overwrite any file named ‘finance_report' and delete the original decrypted file 'finance_report.gpg’. | Decrypt multiple files using private key stored in local GPG keystore and verify the signature. Retrieve all matching files based on filename pattern "finance_2*.gpg", and decrypt them, using a PGP key that exists on the local GPG keystore. After the decryption is completed, verify for each file that has a signature of email 'admin.finance@example.com'. Using a GPG option, ignore any MDC error produced during decryption. The task instance will stop its execution either when no matching files are found, or on the first decryption or verification error. |
Action Output
Output Type | Description | Example | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
EXTENSION | The extension output provides the following information:
|
| |||||||||||||||||||||
STDOUT | Display in STDOUT all GPG tool verbose information when ‘UE_GNUPG_VERBOSE_OUTPUT’ environment variable is true/True. |
|
...
Decrypt a single file or multiple files given a file pattern. Optionally verify the signature of a signed and encrypted file. Private key for decryption is retrieved from a UDMG server, through field 'UDMG Key Name'.
Configuration examples
Decrypt a single file using a private key stored on a UDMG server. Retrieve a single file based and decrypt it, using a PGP key that exists on a UDMG server. The task instance will stop its execution on the first decryption or verification error and will overwrite any existing decrypted file with the same name. | Decrypt multiple files with private key stored on UDMG server and verify their signature. Retrieve all matching files based on filename pattern "finance_2*.csv", and decrypt them, using a PGP key that exists on a UDMG server. After the decryption is completed, verify for each file that has a signature of email 'admin.finance@example.com'. Using a GPG option, ignore any MDC error produced during decryption. The task instance will stop its execution on the first decryption or verification error. |
Action Output
Info |
---|
Action Output is the same as described in Action Decrypt With Local Keystore. |
...