OpenPGP Module
Properties Configuration Settings
The OpenPGP Transformer provides OpenPGP signing and encryption functionality.
Remarks
The OpenPGP Module is used for sending and receiving OpenPGP signed and encrypted messages. The messages may be signed, encrypted, or both.
By default the OpenPGP Module will use an internal OpenPGP implementation. This implementation of OpenPGP does not require any additional dependencies and is completely managed. Alternatively the module may be configured to use an external implementation such as GnuPG. See PGPProviderType for details.
OpenPGP Encoder Module
The encoder takes raw messages as input, and generates a signed, encrypted, or signed and encrypted OpenPGP message as output. This module adds encryption and signing functionality to your Mule Project.
The SignData and EncryptData properties tell the module which operations should be performed on the message. Set the respective property to true to enable the operation. If signing a message, you will need to specify the private key for signing in the Key property. If encrypting a message, you will need to specify the public key of the recipient in the RecipientKey property. Optionally use the PGPParams property to specify input parameters to the operation.
Encode Example
To get started, simply provide the module a message to encode. Do this by setting the payload of a Mule Message to the Binary input data before it arrives at the Encode operation. For example, add a File Read Connector to your flow and add OpenPGP Encode behind it. There is no need to transform the output of the File Read Connector before passing it to the OpenPGP Encoder.
Configure the module with at a minimum the RecipientKey property and it will begin encrypting messages. To write the resulting message to disk, add a File Write connector behind the OpenPGP Encode operation and specify the Path and Content. The output of the Encoder in the payload can be passed directly to the File Write connector.
OpenPGP Decoder Module
The decoder takes OpenPGP signed, encrypted, or signed and encrypted messages as input, then verifies and/or decrypts the message. The resulting message will be the raw original message.
The incoming message will be decrypted using the private key in the Key property. Verification is performed automatically when the public key of the signer is specified in the SignerKey property. Optionally use the PGPParams property to specify input parameters to the operation.
Decode Example
To get started, simply provide the module a message to decode. Do this by setting the payload of a Mule Message to the Binary input data before it arrives at the Decode operation. For example. add a File Read Connector in front of OpenPGP Decode. There is no need to transform the output of the File Read Connector before passing it to the OpenPGP Decoder.
Configure the module with at a minimum the Key property and it will begin processing messages. To write the resulting message to disk, add a File Write connector behind the OpenPGP Decode operation and specify the Path and Content. The output of the Decoder in the payload can be passed directly to the File Write connector.
Encoder Property List
The following is the full list of the properties of the encoder module with short descriptions. Click on the links for further details.
| ASCIIArmor | Specifies whether to use ASCII armor to encode the output message. |
| CompressionMethod | The compression algorithm used. |
| EncryptData | Whether or not to encrypt the data. |
| EncryptingAlgorithm | The encryption algorithm used when encrypting. |
| HomeDir | The home directory containing the keyring. |
| Key | Specifies the OpenPGP private key to use for decryption and signing. |
| LogFile | The file to write logging information to at runtime. |
| LogMode | What information gets logged during component execution. |
| LogType | How information gets logged during component execution. |
| Other | Defines a set of configuration settings to be used by the transformer. |
| Passphrase | The passphrase of the private/secret key. |
| PGPParams | Sets the parameters in the OpenPGP provider. |
| RecipientKey | Specifies the OpenPGP public key to use for encryption. |
| RecipientUserId | The user Id of the recipient. |
| RuntimeLicense | Specifies the component runtime license key. |
| SignData | Whether or not to sign the data. |
| SigningAlgorithm | The signature hash algorithm used when signing. |
| TempPath | The path to which temporary files are written at runtime. |
| UserId | The user Id of the key. |
Decoder Property List
The following is the full list of the properties of the decoder module with short descriptions. Click on the links for further details.
| HomeDir | The home directory containing the keyring. |
| Key | Specifies the OpenPGP private key to use for decryption and signing. |
| LogFile | The file to write logging information to at runtime. |
| LogMode | What information gets logged during component execution. |
| LogType | How information gets logged during component execution. |
| Other | Defines a set of configuration settings to be used by the transformer. |
| Passphrase | The passphrase of the private/secret key. |
| PGPParams | Sets the parameters in the OpenPGP provider. |
| RuntimeLicense | Specifies the component runtime license key. |
| SignerKey | Specifies the OpenPGP public key to use for signature verification. |
| SignerUserId | The user Id of the signer. |
| TempPath | The path to which temporary files are written at runtime. |
| UserId | The user Id of the key. |
Configuration Settings
The following is a list of configuration settings for the module with short descriptions. Click on the links for further details.
| AllowOldPacketType | Whether to allow the older encrypted packet type. |
| Filename | The original name of the file to encrypt. |
| ForceV3Signature | Whether to use v3 signatures. |
| KeySelectionMethod | The method used to select a key for encryption or signing. |
| LogDebugData | Whether to include debug information in the log. |
| PublicKeyringFile | The name of the public keyring file. |
| RecursiveDecryptMode | Whether the encrypted data should be decrypted recursively. |
| RequireEncryption | Whether an error should be thrown if the message is not encrypted. |
| RequireSignature | Whether an error should be thrown if the message is not signed. |
| SecretKeyringFile | The name of the secret keyring file. |
| SymmetricPassphrase | The password used for symmetric encryption or decryption. |