Automate Processes

Hi All,

I am looking to automate a few things. Does anyone know if they are possible and how to do them?

1.) I want to automate the encryption of files. My ultimate goal is to let users drop files into a folder and then monitor that folder for new files, encrypt them and post them via SFPT to a specific location.

2.) Automatically move a file to a new location once it has been encrypted through the above automated process.

Are either of these possible?

Thanks!

Hi Brad,

it is possible to automate crypto operations on files with Gpg4win!
The crypto engine is called GnuPG and comes with a number of executables
and an API called GPGME.

If the operations are simple you may use Powershell or a scripting framework of your choice and run the commands, e.g. like “gpg” for OpenPGP file operations.

Once you want more robustness and control you would probably use GPGME via your preferred language (e.g. Python), see https://wiki.gnupg.org/APIs .

Assuming you are in the simple case: First look how to trigger some action based on a change in a folder with Powershell and then build a script that calls gpg --encrypt ... for the file and then does the transfer.

Best Regards,
Bernhard

Thanks Bernhard,

I will give it a shot.

Brad

You are welcome Brad!

We appreciate your publishing your result here or on the wiki
to help others profit from your experiences.

Best,
Bernhard

Hi. I used gpg to encrypt a file from the command line; however, I keep getting prompted with the statement\question:


– There is no assurance this key belongs to the named use

– It is NOT certain that the key belongs to the person named
– in the user ID. If you really know what you are doing,
– you may answer the next question with yes.

– Use this key anyway? (y/N)


Is there a way to suppress this message? It prevents the users from fully automating a process as it requires human intervention. Thanks!

Med

After posting this I did further research and found that you can use the following option in the command:

–trust-model pgp|classic|direct|always|auto

 Set what trust model GnuPG should follow. The models are:

 pgp    This is the Web of Trust combined with trust signatures as used in
        PGP 5.x and later. This is the default trust model when creating a
        new trust database.

 classic
        This is the standard Web of Trust as used in PGP 2.x and earlier.

 direct Key validity is set directly by the user and  not  calculated  via
        the Web of Trust.

 always Skip  key  validation  and  assume that used keys are always fully
        trusted. You generally won't use this unless you  are  using  some
        external  validation  scheme.  This  option  also  suppresses  the
        "[uncertain]" tag printed with signature checks when there  is  no
        evidence that the user ID is bound to the key.

 auto   Select  the  trust  model depending on whatever the internal trust
        database says. This is  the  default  model  if  such  a  database
        already exists.

I tried using --trust-model always and this resolved my issue. Thanks!

Med

Hi Med,
good to know that you found out how to set always trust.
(It assumes that you have verified the pubkey you are using by other means,
which I think you will be well aware off. :wink: )

Best Regards,
Bernhard

Hi,
Does it support java? A java bases application is sending data that needs to be encrypted in PGP when it sends via Sftp and data is sent back and needs to be decrypted.

Thanks…

You can call gpg.exe in Java with a process call.

An OpenPGP Implementation (which is compatible) in Java is Bouncy Castle.

Thanks for the info.

Hi Brad,

Could you share whether you were able to automate the encryption of files? I need to encrypt some files on a daily basis and would like to automate the encryption. Thanks!