Hi All,
I am looking to automate a few things. Does anyone know if they are possible and how to do them?
1.) I want to automate the encryption of files. My ultimate goal is to let users drop files into a folder and then monitor that folder for new files, encrypt them and post them via SFPT to a specific location.
2.) Automatically move a file to a new location once it has been encrypted through the above automated process.
Are either of these possible?
Thanks!
Hi Brad,
it is possible to automate crypto operations on files with Gpg4win!
The crypto engine is called GnuPG and comes with a number of executables
and an API called GPGME.
If the operations are simple you may use Powershell or a scripting framework of your choice and run the commands, e.g. like “gpg” for OpenPGP file operations.
Once you want more robustness and control you would probably use GPGME via your preferred language (e.g. Python), see https://wiki.gnupg.org/APIs .
Assuming you are in the simple case: First look how to trigger some action based on a change in a folder with Powershell and then build a script that calls gpg --encrypt ... for the file and then does the transfer.
Best Regards,
Bernhard
Thanks Bernhard,
I will give it a shot.
Brad
You are welcome Brad!
We appreciate your publishing your result here or on the wiki
to help others profit from your experiences.
Best,
Bernhard
Hi. I used gpg to encrypt a file from the command line; however, I keep getting prompted with the statement\question:
– Use this key anyway? (y/N)
Is there a way to suppress this message? It prevents the users from fully automating a process as it requires human intervention. Thanks!
Med
After posting this I did further research and found that you can use the following option in the command:
–trust-model pgp|classic|direct|always|auto
Set what trust model GnuPG should follow. The models are:
pgp This is the Web of Trust combined with trust signatures as used in
PGP 5.x and later. This is the default trust model when creating a
new trust database.
classic
This is the standard Web of Trust as used in PGP 2.x and earlier.
direct Key validity is set directly by the user and not calculated via
the Web of Trust.
always Skip key validation and assume that used keys are always fully
trusted. You generally won't use this unless you are using some
external validation scheme. This option also suppresses the
"[uncertain]" tag printed with signature checks when there is no
evidence that the user ID is bound to the key.
auto Select the trust model depending on whatever the internal trust
database says. This is the default model if such a database
already exists.
I tried using --trust-model always and this resolved my issue. Thanks!
Med
Hi Med,
good to know that you found out how to set always trust.
(It assumes that you have verified the pubkey you are using by other means,
which I think you will be well aware off. 
)
Best Regards,
Bernhard
Hi,
Does it support java? A java bases application is sending data that needs to be encrypted in PGP when it sends via Sftp and data is sent back and needs to be decrypted.
Thanks…
You can call gpg.exe in Java with a process call.
An OpenPGP Implementation (which is compatible) in Java is Bouncy Castle.
Thanks for the info.
Hi Brad,
Could you share whether you were able to automate the encryption of files? I need to encrypt some files on a daily basis and would like to automate the encryption. Thanks!