Overview
This node provides encryption, decryption, signing, and verification functionalities using the OpenPGP standard. It supports both text and binary inputs and can optionally compress data before encryption or decompress after decryption. The node is useful for securing messages or files by encrypting them to ensure confidentiality, signing them to guarantee authenticity, or verifying signatures to confirm integrity.
Common scenarios include:
- Encrypting sensitive text messages or files before sending.
- Signing documents or messages to prove authorship.
- Decrypting received encrypted content.
- Verifying signatures on received messages or files.
- Combining encryption and signing in one step for secure and authenticated communication.
For example, a user can input a plain text message, choose "Encrypt and Sign" operation, and get an encrypted message along with its signature. Alternatively, a user can decrypt a received encrypted file and verify its signature to ensure it was not tampered with.
Properties
| Name | Meaning |
|---|---|
| Input Type | Choose whether the input is plain text or binary data. Options: Text, Binary. |
| Compression Algorithm | Select compression method applied to binary data before encryption or after decryption. Options: Uncompressed, Zip, Zlib. Only shown for certain operations and binary input. |
| Message | The plain text message to process (encrypt, sign, decrypt, verify). Shown only if Input Type is Text. |
| Binary Property Name | The name of the binary property containing the data to process. Used when Input Type is Binary. |
Output
The output structure depends on the operation and input type:
For text input:
- Encryption operations output a JSON field with the encrypted message as a string.
- Signing operations output a JSON field with the signature as a string.
- Decryption outputs a JSON field with the decrypted message.
- Verification outputs a JSON field indicating whether the signature is valid (
trueorfalse). - Combined operations like "Encrypt and Sign" output JSON fields for both encrypted message and signature.
For binary input:
- Encrypted data is output as a binary property named
messagewith MIME typeapplication/pgp-encryptedand filename appended with.pgp. - Signatures are output as a binary property named
signaturewith MIME typeapplication/pgp-signature, file extension.sig, and filename appended with.sig. - Decrypted data is output as a binary property named
decryptedwith MIME typeapplication/octet-stream. If the original filename ended with.pgp, this suffix is removed. - Verification outputs a JSON field indicating validity and may output decrypted binary data similarly.
- Encrypted data is output as a binary property named
Binary data is base64 encoded internally and converted back to Uint8Array for cryptographic operations.
Dependencies
- Requires an API key credential providing:
- A private PGP key (optionally protected by a passphrase).
- A public PGP key.
- Uses the
openpgplibrary for all cryptographic operations. - Uses internal utilities for base64 encoding/decoding and optional compression/decompression (
ziporzlib). - Node expects these credentials to be configured in n8n prior to execution.
Troubleshooting
- Invalid Private/Public Key: Errors thrown if keys cannot be parsed or are invalid. Ensure keys are correctly formatted and trimmed.
- Missing Binary Data: When using binary input, errors occur if the specified binary property does not exist or is empty.
- Decryption Failure: If decryption returns false, the message could not be decrypted. Check that the correct private key and passphrase are used.
- Compression Errors: If decompression fails, verify that the compression algorithm matches what was used during encryption.
- Signature Verification Fails: Indicates the signature does not match the message or the wrong public key is used.
- General NodeOperationError: Provides context about which item failed; enabling "Continue On Fail" allows processing other items despite errors.