GPG Task
Disclaimer
Your use of this download is governed by Stonebranch’s Terms of Use, available at Stonebranch Integration Hub - Terms of Use.
Overview
This Universal Task provides the capabilities for Encrypting and Decrypting Files using GnuPG.
GnuPG (GNU Privacy Guard) is a free and open-source software tool that provides encryption and digital signature functionality for secure communication and data protection.
Version Information
| Template Name | Internal Name | Version |
|---|---|---|
| CS GPG | ut-cs-gpg | 1.0.4 |
Refer to Changelog for version history information.
Software Requirements
Software Requirements for Universal Template and Universal Task
This integration requires a Linux or Windows Universal Agent and gpg (GnuPG) Version 2.4.2 or higher installed on the Server where the Universal Agent is installed.
Tested with (GnuPG) Version 2.4.2.
Software Requirements Universal Agent
Linux and Windows agents are supported:
Universal Agent for Linux Version 7.1.0.0 and later with python options installed.
- Universal Agent for Windows Version 7.1.0.0 and later with python options installed.
Software Requirements Universal Controller
Universal Controller Version 7.1.0.0 and later.
Key Features
The Universal Task provides the following key features:
- Encrypt & Sign Files
- Decrypt Files incl. verification of signee
- Match Pattern support to select files for encryption, decryption, or signing
- Sign Public Keys with one of the options Sign, Cleartextsign or Detachedsign
- Import Private Keys
- Import Public Keys
- Export Private Keys
- Export Public Keys
- List Public Keys
- List Secret Keys
- Delete Public Keys
- Delete Secret Keys
- Generate a new Key Pair
Import Universal Template
Data type scripts private_key_default.asc and public_key_default.asc
need to be created first in the controller before you can import the template.
Alternatively, remove the value for the choice fields in the json by setting them to null.
To use the Universal Template, you first must perform the following steps.
This Universal Task requires the Resolvable Credentials feature. Check that the Resolvable Credentials Permitted system property has been set to true.
To import the Universal Template into your Controller, follow the instructions here.
When the files have been imported successfully, refresh the Universal Templates list; the Universal Template will appear on the list.
Configure Universal Task
For a new Universal Task, create a new task, and enter the required input fields.
The following list the different input fields required for a selected Action.
Supported Actions
The following Actions are supported:
Action | Use Case | Required Parameters |
|---|---|---|
Encrypt | Encrypt Files | •Source: Directory for Files to Encrypt or Sign •Target: Directory for Encrypted files •Encrypt File Pattern •Key ID ( Email or ID) of the Recipient Public Key |
Encrypt with option Sign | Encrypt and sign Files | •Source: Directory for Files to Encrypt or Sign •Target: Directory for Encrypted files •Encrypt File Pattern •Key ID ( Email or ID) of the Recipient Public Key •Email/ KeyID of the Private Key used for signing •Passphrase of the private key used for signing |
Decrypt | Decrypt Files | •Source: Directory for Files to Encrypt or Sign •Target: Directory for Encrypted files •Encrypt File Pattern •Key ID ( Email or ID) of the Recipient Public Key |
Sign | Sign Partner Public Key | •Passphrase of the Private Key of the Local User •Private Key Owner “Local User” |
Sign a File | Sign | •Email/KeyID of the Private Key used for signing •Passphrase of the private key used for signing |
Import Public Key | Import Public Key | •Public Key from Script Library |
Import Private Key | Import Private Key | •Private Key from Script Library |
Export Public Key | Export Public Key | •Key ID ( Email or ID) •Export Public Keys Path |
Export Private Key | Export Private Key | •Key ID ( Email or ID) •Export Private Keys Path |
List Keys | List | •Key ID ( Email or ID) of the public key owner |
List Secret Keys | List Secret Keys | •Key ID ( Email or ID) of the secret key owner |
Delete Secret Keys | Delete Secret Key | •Passphrase of the private key to delete •Fingerprint Key ID of the secret key ( choose the Action List Secret Keys to get the Key ID ) |
Delete Keys | Delete Public Key | •Fingerprint Key ID of the public key. Choose the Action List Keys to get the Key ID. Note: “Secret Key needs to be deleted first” |
Generate Key Pair | Generate Key Pair | •id: Identifier or name of the key pair owner •email: Email address associated with the key pair owner •passphrase: Passphrase to protect the generated key pair •key_type: Type of the RSA key, options: RSA, RSA1, RSA2 •key_length: Length of the RSA key in bits, e.g., 2048, 4096, 8192 •expire_date: Expiration date of the key pair, format: YYYY-MM-DD |
Action: Encrypt
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Encrypt | Choice | The following Actions can be selected: [ encrypt | decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Directory for Files to Encrypt or Sign | Required | /Input | Text | Input directory for the Files to Encrypt or Sign |
| Encrypt File Pattern | Required | files_* | Text | Wildcard '*' match is supported on Linux and Windows. Match Pattern to select the files for encryption are only supported on Linux. ; e.g. files_[1-2].txt is only support on Linux Agents. |
| Directory for encrypted Files | Required | /Encrypted | Text | Output directory for the encrypted Files |
| Email/ID of the Recipient Public Key | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID of the Recipient Public Key used to encrypt the file |
| Overwrite Encrypted Files | Required | True | False | Boolean | Overwrite existing Encrypted Files |
| Encrypt and Sign | Optional | True | False | Boolean | Encrypt and Sign the files using the private key |
| Delete After Encryption | Optional | True | False | Boolean | Delete Input files in "Directory for Files to Encrypt or Sign" After Encryption. |
| Passphrase used for Signing | Optional | '***' | Credential | Passphrase of the Private Key owner used for Signing |
| Email/ KeyID of the Private Key used for signing | Optional | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ KeyID of the Private Key used for signing |
Configuration examples
Action: Decrypt
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Decrypt | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Directory for Encrypted Files | Required | /encrypted | Text | Input directory for the Files to Decrypt |
| Decrypt File Pattern | Required | files_* | Text | Wildcard '*' match is supported on Linux and Windows. Match Pattern to select the files for decryption are only supported on Linux. ; e.g. files_[1-2].txt is only support on Linux Agents. |
| Overwrite Decrypted Files | Required | True | False | Boolean | Overwrite existing Decrypted Files |
| Directory for Decrypted Files | Required | /Encrypted | Text | Output directory for the Decrypted Files |
| Email/ KeyID of the private key | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID of the Recipient Private Key used to decrypt the file |
| Delete After Decryption | Optional | True | False | Boolean | Delete Encrypted files in "Directory for Decrypted Files" After Decryption. |
| Passphrase | Required | '***' | Credential | Passphrase of the Private Key owner used for decryption |
Configuration examples
Action: Sign
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Directory for Files to Encrypt or Sign | Required | /files | Text | Input directory for the Files to Sign |
| Sign File Pattern | Required | files_* | Text | Wildcard '*' match is supported on Linux and Windows. Match Pattern to select the files for decryption are support on Linux only. ; e.g. files_[1-2].txt is only support on Linux Agents. |
| Overwrite Signed Files | Required | True | False | Boolean | Overwrite existing Signed Files |
| Directory for Signed Files | Required | /signed | Text | Output directory for the Signed Files |
| Signing Options | Required | Default: Sign | Choice | [ Sign | Clearsign | Detachsign ]
|
| Local User for Signing | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID of the Recipient Private Key used to Sign the file |
| Delete After Sign | Optional | True | False | Boolean | Delete Signed files in "Directory for Signed Files" After Signing. |
| Passphrase | Required | '***' | Credential | Passphrase of the Private Key owner used for signing |
Configuration examples
Action: Sign Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| KEY ID | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID of the key pair owner |
| Passphrase | Required | '***' | Credential | Passphrase of the Private Key owner used for signing |
| Local User for Signing | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Private Key owner used for signing |
Configuration examples
Action: Import Private Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Private Key | Required | private_key.asc | Script | Script File with Private Key in ASC format. |
Action: Import Public Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Public Key | Required | public_key.asc | Script | Script File with Public Key in ASC format. |
Configuration examples
Action: Export Private Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Export Private Keys Path | Required | /private_keys | Text | Export Private Keys Path |
| Key ID or Email | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | KeyID or Email of the private key to export |
Configuration examples
Action: Export Public Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Export Public Keys Path | Required | /public_keys | Text | Export Public Keys Path |
| Key ID or Email | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | KeyID or Email of the public key to export |
Configuration examples
Action: List Keys
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Email/ID to List Keys | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID to List Keys |
Configuration examples
Action: List Secret Keys
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Email/ID of user to list secret keys | Required | Email: peter.meyer@yahoo.com ID: pmeyer | Text | Email/ID of user to list secret keys |
Configuration examples
Action: Generate Key Pair
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Key ID | Required | Key ID of the Key Pair | ||
| Required | Email of the Key Pair | |||
| Passphrase | Required | '***' | Passphrase for the generated Key Pair | |
| Key Type | Required | Default: RSA | Choice | RSA Key Type: [ RSA | RSA1 | RSA2 | RSA3 ] |
| Key Length | Required | Default: 2048 | Choice | Length of the RSA key in bits: [1024 | 2048 | 4096 | 8192 ] |
| Expire Date | Required | Default: 0 YYYY-MM-DD | Text | Key expiary date Format: YYYY-MM-DD ;e.g. 2024-01-31 '0' : no expiary date |
Configuration examples
Action: Delete Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Key ID for deletion | Required | EA9B521321.. | Text | Key ID for deleting keys or secret keys ( choose the Action List Keys or List Secret Keys to get the Key ID ) |
Configuration examples
Action: Delete Secret Key
Input Fields
The input fields for this Universal Task are described in the following table.
Field | Input Type | Value | Type | Description |
|---|---|---|---|---|
| Action | Required | Sign | Choice | The following Actions can be selected: [ encrypt| decrypt | sign | sign_key | import_private_keys | import_public_keys | export_private_keys | export_public_keys | delete_keys | delete_secret_keys | list_keys | list_secret_keys | generate_key_pair ] |
| GPG Home Directory | Required | Default: /usr/bin | Text | Home directory of the gpg installation. |
| Key ID for deletion | Required | EA9B521321.. | Text | Key ID for deleting keys or secret keys ( choose the Action List Keys or List Secret Keys to get the Key ID ) |
| Passphrase | Required | '***' | Phassphrase of the private key to delete |
Configuration examples
Task Output
Exit Codes
The exit codes for this Universal Extension are described below
| Exit Code | Status Classification Code | Status Classification Description | Status Description |
|---|---|---|---|
| 0 | SUCCESS | Successful Execution | SUCCESS: Successful Task execution |
| 1 | FAILED | Failed Execution | Failed: gpg action |
STDOUT and STDERR
STDOUT and STDERR provide additional information to the User. The populated content can be changed in future versions of this extension without notice. Backward compatibility is not guaranteed.
Document References
This document references the following documents:
Document Link | Description |
|---|---|
User documentation for creating, working with, and understanding Universal Templates and Integrations. | |
User documentation for creating Universal Tasks in the Universal Controller user interface. |
Known Issues
There are no known issues
Changelog
ut-cs-gpg-1.0.4 (2024-01-04)
Enhancements
Added:Support for Windows Agent added
ut-cs-gpg-1.0.3 (2023-08-24)
Fixes
Bugfix: the default values for 2 fields in the template removed
ut-cs-gpg-1.0.2
Enhancements
Added:Action Generate Key Pair added
ut-cs-gpg-1.0.1
Enhancements
Added:Action Sign Key added
ut-cs-gpg-1.0.0
Initial Version