# PGP (Pretty Good Privacy) Cryptographic Privacy And Authentication
SUMMARY
- Workato's PGP app enables encryption, decryption, signing, and verifying of files using AES256 and SHA256 algorithms.
- PGP encryption setup may require public, private, or both types of keys.
- Users can generate a new PGP key pair using terminal commands.
- The PGP connector supports four actions: encryption, decryption, signing, and verification.
Using the PGP app, you can perform common cryptographic functions like encrypting, decrypting, signing, and verifying files, based on the common PGP standard. Under the hood, we use the AES256 cipher algorithm and the SHA256 digest algorithm.
Depending on the operation you want to perform, you may need to provide the public key, private key, or both keys to set up the PGP encryption tool.
# Generating PGP Keys
If you don't already have a set of PGP keys, use the following instructions to generate a new key.
1. Download and install the GPG command line tools for your operating system. Please ensure that the GPG version used is v2.2.x or lower.
2. Open the Terminal or Command Prompt.
3. Execute the following command to generate a PGP key pair:

   ```
   gpg --full-generate-key
   ```

4. When prompted, select RSA key with 3072 bits and enter your user ID information, including a valid name and email address.
5. Enter a secure passphrase. Remember this passphrase, as you'll need it later to set up the PGP encryption tool.
6. Execute the following command to list the PGP keys for which you have both a public and private key:

   ```
   gpg --list-secret-keys --keyid-format LONG
   ```

7. From the list of PGP keys, copy the PGP key ID you'd like to use. In this example, the PGP key ID is `7F87F1F21EEAAAB9`.
8. Use the commands below to print out the public key and the private key, substituting in the PGP key ID you'd like to use. In this example, the PGP key ID is `7F87F1F21EEAAAB9`:

   ```
   gpg --armor --export 7F87F1F21EEAAAB9
   gpg --armor --export-secret-key 7F87F1F21EEAAAB9
   ```
The private key and passphrase must be set up in the connection. For operations that require the public key, enter it in the public key input field in the action.
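Before pasting the output of the two `--armor` export commands into Workato, it helps to confirm which block is which and that copy and paste did not damage it. The following is an added example, not Workato's or GnuPG's own code: it parses an ASCII-armored block, recomputes the CRC-24 checksum defined in RFC 4880, and reports where this page says the block belongs. The names `inspect_armor`, `armor`, `FIELD` and `SAMPLE` are assumptions, and the sample block is constructed from placeholder bytes rather than a real key.

```python
import base64
import re

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB  # constants from RFC 4880, section 6.1
# Where this page says each exported block is pasted in Workato.
FIELD = {"PRIVATE KEY BLOCK": "connection", "PUBLIC KEY BLOCK": "action"}
ARMOR_RE = re.compile(
    r"-----BEGIN PGP (?P<kind>[A-Z ]+)-----\r?\n(?P<body>.*?)\r?\n"
    r"-----END PGP (?P=kind)-----", re.S)


def crc24(data: bytes) -> int:
    """CRC-24 as used for the '=XXXX' checksum line of ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def inspect_armor(text: str) -> dict:
    """Report block type, target field and checksum state of an armored block."""
    m = ARMOR_RE.search(text)
    if not m:
        raise ValueError("no complete PGP armor block (BEGIN/END lines missing?)")
    lines = [ln.strip() for ln in m.group("body").splitlines()]
    if "" in lines:  # armor headers such as "Comment:" end at the first blank line
        lines = lines[lines.index("") + 1:]
    checksum = None  # stays None when the block carries no checksum line
    if lines and lines[-1].startswith("=") and len(lines[-1]) == 5:
        checksum = int.from_bytes(base64.b64decode(lines.pop()[1:]), "big")
    data = base64.b64decode("".join(lines), validate=True)
    return {"kind": m.group("kind"), "bytes": len(data),
            "goes_in": FIELD.get(m.group("kind"), "not a key block"),
            "crc_ok": None if checksum is None else checksum == crc24(data)}


def armor(kind: str, data: bytes) -> str:
    """Build a constructed armor block; the payload is placeholder bytes, not a key."""
    b64 = base64.b64encode(data).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return f"-----BEGIN PGP {kind}-----\n\n{body}\n={crc}\n-----END PGP {kind}-----\n"


SAMPLE = armor("PUBLIC KEY BLOCK", bytes(range(100)))  # constructed sample input
if __name__ == "__main__":
    print(inspect_armor(SAMPLE))
    print(inspect_armor(SAMPLE.replace("AAEC", "BAEC", 1)))  # one flipped bit
```

A `crc_ok` of `False` means the block was altered after export and should be exported again rather than pasted; `None` means the block has no checksum line to compare against.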
# Actions
The PGP connector supports the following actions:
# Encrypt
The Encrypt file with PGP action lets you encrypt data using the public key specified in the action.
In addition, you can choose to sign the data with PGP. The private key and passphrase from the connection are used to sign the data.
The ASCII armor option generates the encrypted content as printable ASCII characters. The content can then be sent in a standard messaging format, such as an email.
# Decrypt
The Decrypt file with PGP action lets you decrypt data using the private key specified in the connection.
If you specify the Verification public key in the action, this action will verify the signed content as part of the decrypt action.
# Sign
The Sign file with PGP action signs the data using the private key and passphrase specified in the connection. This is a standalone action to sign the data for use cases when only signing is needed.
The ASCII armor option generates the encrypted content as printable ASCII characters. The content can then be sent in a standard messaging format, such as an email.
# Verify
The Verify file signed with PGP action verifies the signed data using the Verification public key specified in the action.
This is a standalone action to verify the signed data for use cases when only signature verification is needed.
Last updated: 6/29/2023, 6:40:28 PM