PGP

Overview

This node provides OpenPGP encryption, decryption, signing, and verification functionalities for both text and binary data. It supports operations such as decrypting messages or files, optionally verifying signatures, and handling compression algorithms on binary inputs.

Common scenarios include:

• Securely decrypting encrypted emails or files.
• Verifying the authenticity of signed messages.
• Decrypting and verifying signed content in one step.
• Handling PGP-encrypted binary files with optional compression.

Practical examples:

• Decrypting a PGP-encrypted text message received from a colleague.
• Decrypting and verifying a signed document file to ensure it has not been tampered with.
• Signing a text message before sending it to guarantee its origin.
• Encrypting a binary file (e.g., PDF) with compression for secure storage or transmission.

Properties

Name	Meaning
Input Type	Choose whether the input is plain text or binary data.
Compression Algorithm	Select the compression algorithm to apply on binary data: Uncompressed, Zip, or Zlib.
Message	The plaintext message to process (used when Input Type is Text).
Binary Property Name	The name of the binary property containing the data to process (used when Input Type is Binary).

Output

The output structure depends on the operation and input type:

• For text input:

  • json contains fields like:
    • encrypted: The encrypted text result.
    • decrypted: The decrypted text result.
    • signature: The generated signature string.
    • verified: Boolean indicating if signature verification succeeded.
  • No binary output is produced.

• For binary input:

  • binary contains properties such as:
    • message: The encrypted binary data encoded in base64 with MIME type application/pgp-encrypted.
    • decrypted: The decrypted binary data encoded in base64 with MIME type application/octet-stream.
    • signature: The detached signature in base64 with MIME type application/pgp-signature and .sig extension.
  • json may contain verification results (verified boolean).

Compression is applied or removed on binary data depending on the selected compression algorithm.

Dependencies

• Requires an API key credential providing:
  • A private PGP key (optionally protected by a passphrase).
  • A public PGP key.
• Uses the openpgp library for cryptographic operations.
• Utilizes internal utilities for base64 encoding/decoding and data compression.
• Node expects valid PGP keys and correct passphrases configured in credentials.

Troubleshooting

• Invalid Private/Public Key Errors: Occur if the provided armored keys are malformed or incorrect. Ensure keys are properly formatted and correspond to each other.
• Decryption Failures: May happen if the wrong private key or passphrase is used, or if the message is corrupted.
• Uncompression Errors: If the compression algorithm does not match the one used during encryption, uncompression will fail. Verify that the same compression method is selected.
• Missing Binary Data: When using binary input, the specified binary property must exist; otherwise, an error is thrown.
• Signature Verification Fails: Could be due to mismatched public keys or altered messages/signatures.

To resolve errors, verify all keys, passphrases, input data, and selected options carefully.

Links and References

• OpenPGP.js Documentation
• Pretty Good Privacy (PGP) Wikipedia
• n8n Documentation on Custom Nodes