GPG Task

This integration has been sunset

It is replaced by GnuPG.

Disclaimer

Your use of this download is governed by Stonebranch’s Terms of Use, available at Stonebranch Integration Hub - Terms of Use.

Overview

This Universal Task provides the capabilities for Encrypting and Decrypting Files using GnuPG.

GnuPG (GNU Privacy Guard) is a free and open-source software tool that provides encryption and digital signature functionality for secure communication and data protection.


Version Information

Template NameInternal NameVersion
CS GPGut-cs-gpg1.0.4

Refer to GPG Task#Changelog for version history information.

Software Requirements

Software Requirements for Universal Template and Universal Task

This integration requires a Linux or Windows Universal Agent and gpg (GnuPG) Version 2.4.2 or higher installed on the Server where the Universal Agent is installed. 

Tested with (GnuPG) Version 2.4.2.

Software Requirements Universal Agent

Linux and Windows agents are supported:

  • Universal Agent for Linux Version 7.1.0.0 and later with python options installed.

  • Universal Agent for Windows Version 7.1.0.0 and later with python options installed.

Software Requirements Universal Controller

Universal Controller Version 7.1.0.0 and later.

Key Features

The Universal Task provides the following key features:

  • Encrypt & Sign Files
  • Decrypt Files incl. verification of signee  
  • Match Pattern support to select files for encryption, decryption, or signing
  • Sign Public Keys with one of the options Sign, Cleartextsign or Detachedsign
  • Import Private Keys
  • Import Public Keys
  • Export Private Keys
  • Export Public Keys
  • List Public Keys
  • List Secret Keys
  • Delete Public Keys
  • Delete Secret Keys
  • Generate a new Key Pair

Import Universal Template

Data type scripts private_key_default.asc and public_key_default.asc
need to be created first in the controller before you can import the template.

Alternatively, remove the value for the choice fields in the json by setting them to null.

To use the Universal Template, you first must perform the following steps.

  1. This Universal Task requires the Resolvable Credentials feature. Check that the Resolvable Credentials Permitted system property has been set to true.

  2. To import the Universal Template into your Controller, follow the instructions here.

  3. When the files have been imported successfully, refresh the Universal Templates list; the Universal Template will appear on the list.

Configure Universal Task

For a new Universal Task, create a new task, and enter the required input fields.

The following list the different input fields required for a selected Action.

Supported Actions

The following Actions are supported:

Action

Use Case

Required Parameters

Encrypt

Encrypt Files

•Source: Directory for Files to Encrypt or Sign

•Target: Directory for Encrypted files

•Encrypt File Pattern

•Key ID ( Email or ID) of the Recipient Public Key

Encrypt with option Sign

Encrypt and sign Files

•Source: Directory for Files to Encrypt or Sign

•Target: Directory for Encrypted files

•Encrypt File Pattern

•Key ID ( Email or ID) of the Recipient Public Key

•Email/ KeyID of the Private Key used for signing

•Passphrase of the private key used for signing

Decrypt

Decrypt Files

•Source: Directory for Files to Encrypt or Sign

•Target: Directory for Encrypted files

•Encrypt File Pattern

•Key ID ( Email or ID) of the Recipient Public Key

Sign

Sign Partner Public Key

•Passphrase of the Private Key of the Local User

•Private Key Owner “Local User”

Sign a File

Sign

•Email/KeyID of the Private Key used for signing

•Passphrase of the private key used for signing

Import Public Key

Import Public Key

•Public Key from Script Library

Import Private Key

Import Private Key

•Private Key from Script Library

Export Public Key

Export Public Key

•Key ID ( Email or ID)

•Export Public Keys Path

Export Private Key

Export Private Key

•Key ID ( Email or ID)

•Export Private Keys Path

List Keys

List

•Key ID ( Email or ID) of the public key owner

List Secret Keys

List Secret Keys

•Key ID ( Email or ID) of the secret key owner

Delete Secret Keys

Delete Secret Key

•Passphrase of the private key to delete

•Fingerprint Key ID of the secret key ( choose the Action List Secret Keys to get the Key ID )

Delete Keys

Delete Public Key

•Fingerprint Key ID of the public key. Choose the Action List Keys to get the Key ID. Note: “Secret Key needs to be deleted first”

Generate Key Pair

Generate Key Pair

•id: Identifier or name of the key pair owner

•email: Email address associated with the key pair owner

•passphrase: Passphrase to protect the generated key pair

•key_type: Type of the RSA key, options: RSA, RSA1, RSA2

•key_length: Length of the RSA key in bits, e.g., 2048, 4096, 8192

•expire_date: Expiration date of the key pair, format: YYYY-MM-DD


Action: Encrypt

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredEncryptChoice

The following Actions can be selected:

encrypt | decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Directory for Files to Encrypt or SignRequired

/Input

TextInput directory for the Files to Encrypt or Sign
Encrypt File PatternRequiredfiles_*Text

Wildcard '*' match is supported on Linux and Windows.

Match Pattern to select the files for encryption are only supported on Linux.

; e.g. files_[1-2].txt is only support on Linux Agents.

Directory for encrypted FilesRequired/EncryptedTextOutput directory for the encrypted Files
Email/ID of the Recipient Public KeyRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ID of the Recipient Public Key used to encrypt the file
Overwrite Encrypted FilesRequiredTrue | FalseBooleanOverwrite existing Encrypted Files
Encrypt and SignOptionalTrue | FalseBooleanEncrypt and Sign the files using the private key 
Delete After EncryptionOptionalTrue | FalseBooleanDelete Input files in "Directory for Files to Encrypt or Sign" After Encryption. 
Passphrase used for SigningOptional'***'CredentialPassphrase of the Private Key owner used for Signing
Email/ KeyID of the Private Key used for signingOptional

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ KeyID of the Private Key used for signing

Configuration examples


Action: Decrypt

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredDecryptChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Directory for Encrypted FilesRequired

/encrypted

TextInput directory for the Files to Decrypt
Decrypt File PatternRequiredfiles_*Text

Wildcard '*' match is supported on Linux and Windows.

Match Pattern to select the files for decryption are only supported on Linux.

; e.g. files_[1-2].txt is only support on Linux Agents.

Overwrite Decrypted FilesRequiredTrue | FalseBooleanOverwrite existing Decrypted Files
Directory for Decrypted FilesRequired/EncryptedTextOutput directory for the Decrypted Files
Email/ KeyID of the private keyRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ID of the Recipient Private Key used to decrypt the file
Delete After DecryptionOptionalTrue | FalseBooleanDelete Encrypted files in "Directory for Decrypted Files" After Decryption. 
PassphraseRequired'***'CredentialPassphrase of the Private Key owner used for decryption

Configuration examples

Action: Sign

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Directory for Files to Encrypt or SignRequired

/files

TextInput directory for the Files to Sign
Sign File PatternRequiredfiles_*Text

Wildcard '*' match is supported on Linux and Windows.

Match Pattern to select the files for decryption are support on Linux only.

; e.g. files_[1-2].txt is only support on Linux Agents.

Overwrite Signed FilesRequiredTrue | FalseBooleanOverwrite existing Signed Files
Directory for Signed FilesRequired/signedTextOutput directory for the Signed Files
Signing OptionsRequired

Default: Sign

Choice

[ Sign | Clearsign | Detachsign ]

  • Sign: Signed file includes both the original content and the signature as a single entity;
  • Clearsign: Same as sign but making a cleartext signature;
  • Detachsign: Separate signature file with suffix *.sig
Local User for SigningRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ID of the Recipient Private Key used to Sign the file
Delete After SignOptionalTrue | FalseBooleanDelete Signed files in "Directory for Signed Files" After Signing. 
PassphraseRequired'***'CredentialPassphrase of the Private Key owner used for signing





Configuration examples


Action: Sign Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
KEY IDRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ID of the key pair owner
PassphraseRequired'***'CredentialPassphrase of the Private Key owner used for signing
Local User for SigningRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextPrivate Key owner used for signing

Configuration examples


Action: Import Private Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Private KeyRequiredprivate_key.ascScriptScript File with Private Key in ASC format.
Configuration examples

Action: Import Public Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Public KeyRequiredpublic_key.ascScriptScript File with Public Key in ASC format.

Configuration examples

Action: Export Private Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Export Private Keys PathRequired/private_keysTextExport Private Keys Path
Key ID or EmailRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextKeyID or Email of the private key to export

Configuration examples

Action: Export Public Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Export Public Keys PathRequired/public_keysTextExport Public Keys Path
Key ID or EmailRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextKeyID or Email of the public key to export

Configuration examples

Action: List Keys

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Email/ID to List KeysRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

Text

Email/ID to List Keys

Configuration examples

Action: List Secret Keys

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Email/ID of user to list secret keysRequired

Email: peter.meyer@yahoo.com

ID: pmeyer

TextEmail/ID of user to list secret keys

Configuration examples

Action: Generate Key Pair

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Key IDRequired

Key ID of the Key Pair
EmailRequired

Email of the Key Pair
PassphraseRequired'***'
Passphrase for the generated Key Pair
Key TypeRequiredDefault: RSAChoice

RSA Key Type:

[ RSA | RSA1 | RSA2 | RSA3 ]

Key LengthRequiredDefault: 2048Choice

Length of the RSA key in bits:

[1024 | 2048 | 4096 | 8192 ]

Expire DateRequired

Default: 0

YYYY-MM-DD

Text

Key expiary date

Format: 

YYYY-MM-DD

;e.g. 2024-01-31

'0' : no expiary date

Configuration examples

Action: Delete Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Key ID for deletionRequiredEA9B521321..TextKey ID for deleting keys or secret keys ( choose the Action List Keys or List Secret Keys to get the Key ID )

Configuration examples

Action: Delete Secret Key

Input Fields

The input fields for this Universal Task are described in the following table.

Field
Input Type
Value
Type
Description
ActionRequiredSignChoice

The following Actions can be selected:

[ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ]

GPG Home DirectoryRequiredDefault: /usr/binTextHome directory of the gpg installation. 
Key ID for deletionRequiredEA9B521321..TextKey ID for deleting keys or secret keys ( choose the Action List Keys or List Secret Keys to get the Key ID )
PassphraseRequired'***'
Phassphrase of the private key to delete

Configuration examples

Task Output

Exit Codes

The exit codes for this Universal Extension are described below

Exit CodeStatus Classification CodeStatus Classification DescriptionStatus Description
0SUCCESSSuccessful ExecutionSUCCESS: Successful Task execution
1FAILEDFailed ExecutionFailed: gpg action

STDOUT and STDERR

STDOUT and STDERR provide additional information to the User. The populated content can be changed in future versions of this extension without notice. Backward compatibility is not guaranteed.

Document References

This document references the following documents:

Document Link

Description

Universal Templates

User documentation for creating, working with, and understanding Universal Templates and Integrations.

Universal Tasks

User documentation for creating Universal Tasks in the Universal Controller user interface.

Known Issues

  • There are no known issues

Changelog

ut-cs-gpg-1.0.4 (2024-01-04)

Enhancements

  • Added: Support for Windows Agent added

ut-cs-gpg-1.0.3 (2023-08-24)

Fixes

  • Bugfix: the default values for 2 fields in the template removed

ut-cs-gpg-1.0.2

Enhancements

  • Added: Action Generate Key Pair added

ut-cs-gpg-1.0.1

Enhancements

  • Added: Action Sign Key added

ut-cs-gpg-1.0.0

Initial Version