How to encrypt and sign files

Question

Question

Joe Jung · Jan 26, 2022

#Business Operation #Code Snippet #Encryption #ObjectScript #Red Hat Enterprise Linux (RHEL) #Ensemble

Currently running Ensemble on Red Hat Enterprise Linux Server release 7.7

One of our clients is requesting files sent to their SFTP site be encrypted with their PGP public key and digitally signed with our PGP private key

We have created a custom class that includes the following command to encrypt the files

if (pAction = "Encrypt") {
// Find the Key ID from the Keyname
set tKeyId = ..GPGKeyLookup(pKeyName, ..#PUBLICKEYLUT)
set tCmdLine = "gpg --homedir "_pGPGhomedir_" --always-trust -r """_tKeyId_""" -o "_pOutFileName_" -e "_pInFileName
}
// Execute the command to generate the output file
write !,"Calling command: "_tCmdLine
do ##class(JMH.Utils.Utilities).RunCmdLine(pWorkarea, tCmdLine, .tOutput)
write !,"tOutput: "_tOutput

We want to update the gpg command to digitally sign the encrypted file

Would appreciate any suggestions on how to edit the gpg command to digitally sign a file

Product version: Ensemble 2018.1

Discussion (2)0

Log in or sign up to continue

Joe Jung · Jan 27, 2022

Eduard

I tried running running your command from my LInux server

gpg --homedir /hs-connect/gpg --local-user 77720646 --sign --armor --output test.txt.bak --detach-sig test.txt gpg

the following was returned

gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: skipped "62D20646": Operation cancelled
gpg: signing failed: Operation cancelled

0 0

score 0 · Answer 1 · 2022-01-27T08:54:00-05:00

Assuming you need a detached signature:

gpg --local-user [fingerprint] --sign --armor --output somefile.tar.xz.asc --detach-sig somefile.tar.xz

Copied from Stack.