Overview
This node provides PGP (Pretty Good Privacy) cryptographic operations to encrypt, decrypt, sign, and verify messages or binary data. It supports both text and binary inputs, allowing secure communication and data protection workflows within n8n.
Common scenarios include:
- Encrypting sensitive text or files before sending them over insecure channels.
- Decrypting received encrypted messages or files.
- Signing messages or files to ensure authenticity.
- Verifying signatures on messages or files to confirm integrity and origin.
- Combining encryption with signing for enhanced security.
Practical examples:
- Encrypt a confidential message text before emailing it.
- Decrypt an encrypted file received from a partner.
- Sign a document to prove authorship.
- Verify the signature of a downloaded file to ensure it has not been tampered with.
Properties
| Name | Meaning |
|---|---|
| Input Type | Choose whether the input is plain text or binary data. Options: "Text", "Binary". |
| Message | The plaintext message to process (used when Input Type is "Text"). |
| Binary Property Name | The name of the binary property containing the data to process (used when Input Type is "Binary"). |
| Signature | The PGP signature string to verify (used when Input Type is "Text" and operation is "verify" or "decrypt-and-verify"). |
| Binary Property Name (Signature) | The name of the binary property containing the signature data (used when Input Type is "Binary" and operation is "verify" or "decrypt-and-verify"). |
Output
The output structure depends on the selected operation and input type:
For text input:
jsoncontains fields such as:encrypted: The encrypted message string.decrypted: The decrypted message string.signature: The generated signature string.verified: A boolean indicating if the signature verification succeeded.
For binary input:
binarycontains processed files with appropriate MIME types:- Encrypted data is output as a
.pgpfile with MIME typeapplication/pgp-encrypted. - Signatures are output as
.sigfiles with MIME typeapplication/pgp-signature. - Decrypted data is output as
application/octet-stream.
- Encrypted data is output as a
jsonmay contain verification results (verifiedboolean).
The node handles base64 encoding/decoding internally for binary data.
Dependencies
- Requires an API key credential providing:
- A private PGP key (optionally protected by a passphrase).
- A public PGP key.
- Uses the
openpgplibrary for cryptographic operations. - Supports optional compression algorithms (
uncompressed,zip,zlib) for binary encryption/decryption. - No additional external services are required beyond the provided keys.
Troubleshooting
- Invalid Private/Public Key: Errors thrown if the provided armored keys are invalid or improperly formatted. Ensure keys are correctly pasted and valid.
- Missing Binary Data: If binary input is selected but the specified binary property is missing, an error will occur. Verify the binary property name matches the input data.
- Decryption Failure: If decryption fails, the node throws an error "Message could not be decrypted." Check that the correct private key and passphrase are used and that the message was properly encrypted.
- Uncompression Failure: When using compression, if uncompression fails, an error "Message could not be uncompressed. Please check your compression algorithm." is thrown. Confirm the compression algorithm matches the one used during encryption.
- Signature Verification Failure: The
verifiedfield will be false if signature verification fails. Double-check the signature and public key correctness. - Continue On Fail: If enabled, the node outputs errors per item instead of stopping execution.