Overview
The OpenPGP Task is an SSIS Control Flow task for encryption and decryption using the OpenPGP (RFC 4880) standard.
Parameters
General
Use the General page of the OpenPGP Task Editor dialog to configure the parameters needed to encrypt, decrypt, create or verify the file signature.
Specify the task name.
Specify the task description.
Specify the task action. This parameter has the options listed in the following table.
Option Description Encrypt file Encrypts a file. Selecting this option displays the dynamic parameters IsPublicKeyRingVariable, PublicKeyRing, PublicKeyRingVariable, Key, OutputASCII, OldFormat 1.3 SR-5, IsSourceVariable, Source, SourceVariable, RemoveSource, IsSourceSigned, IsTargetVariable, Target, TargetVariable, OverwriteExisting. Decrypt file Decrypts a file. Selecting this option displays the dynamic parameters IsSecretKeyRingVariable, SecretKeyRing, SecretKeyRingVariable, Password, IsSourceVariable, Source, SourceVariable, IsTargetVariable, Target, TargetVariable, OverwriteExisting, VerifySignature 1.3 SR-5. Create file signature Creates a file signature. Selecting this option displays the dynamic parameters IsSecretKeyRingVariable, SecretKeyRing, SecretKeyRingVariable, Key, Password, OutputASCII, IncludeData, IsSourceVariable, Source, SourceVariable, IsSignatureVariable, Signature, SignatureVariable, OverwriteExisting. Verify file signature Verifies the file signature. Selecting this option displays the dynamic parameters IsPublicKeyRingVariable, PublicKeyRing, PublicKeyRingVariable, ResultVariable, IsSourceVariable, Source, SourceVariable, IsSignatureVariable, Signature, SignatureVariable. Indicate whether or not the public key ring path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The public key ring path is stored in a variable. Selecting this option displays the dynamic parameters PublicKeyRingVariable. False The public key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameters PublicKeyRing. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
Related topics: File Connection Manager Editor
Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Select key(s) from key ring.
Select to output 7-bit ASCII data instead of binary data. This parameter has the options listed in the following table.
Option Description True Output in 7-bit ASCII data format. False Output in binary data format. Use this parameter to create a PGP 2 compatible package. This parameter has the options listed in the following table.
Option Description True Create the package in PGP 2 format. False Create the package in OpenPGP format. Indicate whether or not the source path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The source path is stored in a variable. Selecting this option displays the dynamic parameter SourceVariable. False The source path is specified in a File connection manager. Selecting this option displays the dynamic parameter Source. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
Related topics: File Connection Manager Editor
Contains the source path or input Stream object. Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Specify source file to be removed after encryption.
Indicate whether or not the target path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The target path is stored in a variable. Selecting this option displays the dynamic parameter TargetVariable. False The target path is specified in a File connection manager. Selecting this option displays the dynamic parameter Target. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
Related topics: File Connection Manager
Contains the target path or output Stream object. Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Use this parameter to indicate the existing file should be overwritten.
Indicate whether or not the secret key ring path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The secret key ring path is stored in a variable. Selecting this option displays the dynamic parameter SecretKeyRingVariable. False The secret key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameter SecretKeyRing. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
Related topics: File Connection Manager
Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Indicate whether or not the signature path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The signature path is stored in a variable. Selecting this option displays the dynamic parameter SignatureVariable. False The signature path is specified in a File connection manager. Selecting this option displays the dynamic parameter Signature. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
Related topics: File Connection Manager
Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Select an existing user-defined variable, or click <New variable...> to create a new variable. The variable has to be of the type Boolean and it will contain the verification result.
Related Topics: Integration Services Variables, Add Variable
Select to include the data to be signed.
Use this parameter to indicate whether or not the source data is OpenPGP signed. This parameter has the options listed in the following table.
Option Description True The source OpenPGP data is signed. False The source OpenPGP data is not signed. Use this parameter to indicate whether or not to verify the signature during decryption. This parameter has the options listed in the following table.
Option Description True Verify the signature during decryption. Selecting this option displays the dynamic parameters IsSignaturePublicKeyRingVariable, SignaturePublicKeyRing, SignaturePublicKeyRingVariable. False Do not verify the signature during decryption. Indicate whether or not the signature public key ring path is stored in a variable. This parameter has the options listed in the following table.
Option Description True The signature public key ring path is stored in a variable. Selecting this option displays the dynamic parameter SignaturePublicKeyRingVariable. False The signature public key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameter SignaturePublicKeyRing. Select an existing File connection manager, or click <New connection...> to create a new connection manager.
**Related topics: File Connection Manager
Select an existing user-defined variable, or click <New variable...> to create a new variable.
Related Topics: Integration Services Variables, Add Variable
Knowledge Base
- Where can I find the documentation for the OpenPGP Task?
- Error Message: Premature end of stream in PartialInputStream.
- When I try to decrypt package with PGP 6.5.x, I get error: "encrypted session key is bad."
- How to create a signed and encrypted package
Samples
What's New
- New: Support for additional encryption algorithms.
- New: 'Encrypt file' action will use first available public key if Key parameter is not specified.
- Fixed: Source file kept locked when 'Decrypt File' action failed (Thank you, John).
- Fixed: Failed to decrypt file encrypted with more than one public keys (Thank you, Dominik).
- Fixed: Failed with "Cannot access closed file." error when specified target was variable containing in-memory stream object.
- New: A new parameter VerifySignature to verify signature when decrypting a package.
- Fixed: Task now uses shorter key identifiers. The longer identifier cannot be easily manipulated (Thank you, Jay).
- New: A new parameter OldFormat to encrypt packages in PGP2 format.
- New: Support decryption of password-only encrypted files.
- Fixed: Failed to decrypt certain packages with error "Unknown encrypted file type."
- Fixed: Failed to encrypt signed package output as ASCII.
- Fixed: Support for additional encryption algorithms.
- New: Included parameter to include the data when creating a signature.
- New: Included parameter to handle and encrypt OpenPGP signed data.
- Fixed: Task did not display public keys, used both for signing and encryption.
- New: Introduced task.
Related documentation
COZYROC SSIS+ Components Suite is free for testing in your development environment.
A licensed version can be deployed on-premises, on Azure-SSIS IR and on COZYROC Cloud.