PGP

Overview

This node provides OpenPGP encryption, decryption, signing, and verification functionalities. It supports both text and binary inputs, allowing users to securely encrypt or decrypt messages and files, sign data to ensure authenticity, and verify signatures to confirm integrity.

Common scenarios include:

• Encrypting sensitive text or files before sending them over insecure channels.
• Decrypting received encrypted messages or files.
• Digitally signing documents or messages to prove authorship.
• Verifying signatures on received data to ensure it has not been tampered with.
• Combining encryption and signing for enhanced security (encrypt-and-sign, decrypt-and-verify).

Practical examples:

• Encrypt a confidential report file before emailing it.
• Decrypt an encrypted email attachment.
• Sign a contract document digitally.
• Verify the signature of a downloaded software package.
• Decrypt a message and verify its signature in one step.

Properties

Name	Meaning
Input Type	Choose whether the input is "Text" or "Binary".
Compression Algorithm	Select compression method for binary data: "Uncompressed", "Zip", or "Zlib". Only for certain operations with binary input.
Message	The plaintext message to process (used when Input Type is "Text").
Binary Property Name	The name of the binary property containing the data to process (used when Input Type is "Binary").
Signature	The PGP signature string to verify (used with text input and verify or decrypt-and-verify operations).
Binary Property Name (Signature)	The name of the binary property containing the signature data (used with binary input and verify or decrypt-and-verify operations).

Output

The output structure depends on the operation and input type:

• For text input:

  • json contains fields such as:
    • encrypted: The encrypted text result.
    • decrypted: The decrypted text result.
    • signature: The generated signature string.
    • verified: Boolean indicating if signature verification succeeded.
  • No binary output.

• For binary input:

  • binary contains properties like:
    • message: The encrypted binary data (with .pgp extension).
    • decrypted: The decrypted binary data (original filename restored if possible).
    • signature: The signature binary data (with .sig extension).
  • json may contain verification results (verified boolean).

Binary data is base64 encoded within the binary property. Compression can be applied/unapplied depending on settings.

Dependencies

• Requires an API key credential providing:
  • A private PGP key (optionally protected by a passphrase).
  • A public PGP key.
• Uses the openpgp library for cryptographic operations.
• Utilizes internal utilities for base64 encoding/decoding and optional compression/decompression of binary data.

Troubleshooting

• Invalid Private/Public Key: Errors thrown if keys are malformed or invalid. Ensure keys are correctly formatted and complete.
• Missing Binary Data: If binary input is selected but the specified binary property is missing, an error occurs. Verify the binary property name matches the input data.
• Decryption Failure: If decryption returns false, the message could not be decrypted. Check that the correct private key and passphrase are used.
• Uncompression Failure: When using compression algorithms other than "Uncompressed," decompression errors may occur if the wrong algorithm is selected or data is corrupted.
• Signature Verification Failure: Verification returns false if the signature does not match the data or the public key is incorrect.
• Continue On Fail: If enabled, errors for individual items will be included in output instead of stopping execution.

Links and References

• OpenPGP.js Documentation
• Pretty Good Privacy (PGP) Wikipedia
• n8n Documentation on Custom Nodes