Jay

Reputation: 321

Encryption with PGP key

I was recently assigned a task to encrypt some data and send it to our server. I found some valuable resources on the internet, but they all require a public key, private key and secret password for the encryption. Please, is there any simple way I can encrypt with just the PGP key, since that's what I was given?

Upvotes: 2

Views: 3735

Answers (5)

nurealam siddiq

Reputation: 1623

Recently, I've been doing PGP encryption and sending files over to an SFTP server. Here are the simple steps I follow with Python:

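pip install python-gnupg

Keep the public key file in the same directory

Get the recipient's info: gpg --list-keys

Script:

import os

import gnupg  # provided by the python-gnupg package; needs the gpg binary installed

key = '<public_key>.asc'
src = '<file_to_be_encrypted>'
dst = './'  # destination; it could be the current directory


def encrypt(key, src):
    # Use the current directory as the GnuPG home (the keyring is created here)
    home = os.path.join(os.getcwd(), '')
    gpg = gnupg.GPG(gnupghome=home)

    # Import the recipient's public key; no private key or passphrase is needed to encrypt
    with open(key, "rb") as f:
        keys = gpg.import_keys(f.read())

    # always_trust=True skips GnuPG's trust check on the imported key, so
    # verify the key's fingerprint with its owner before relying on it
    with open(src, "rb") as f:
        result = gpg.encrypt_file(f, recipients='<name_retrieved_from_public_key>', output='<file_name>.pgp', always_trust=True)
    if not result:
        raise RuntimeError(result.status)


encrypt(key, src)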

This will give you the encrypted file in the same directory.

Upvotes: 0
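Added example, not part of the original answer: a standard-library check to run on the key file before importing it and encrypting with always_trust=True as the script above does. It reports whether the file holds a public or a secret key and computes the v4 fingerprint to compare with the key owner out of band; `inspect_key`, `sample_block` and the sample packets are constructed for illustration, and the parser covers definite-length packet headers only.

```python
import base64, hashlib

def dearmor(text):  # ASCII armor -> binary packets (headers and CRC-24 line dropped)
    lines = [l.strip() for l in text.strip().splitlines()]
    body = [l for l in lines[lines.index("") + 1:-1] if not l.startswith("=")]
    return base64.b64decode("".join(body))

def packets(data):  # yield (tag, body); definite-length headers only
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new format: tag in low 6 bits
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body length not handled")
        else:                               # old format: tag in bits 5-2
            tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if n == 8:
                raise ValueError("indeterminate length not handled")
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        yield tag, data[i:i + length]
        i += length

def inspect_key(armored):  # kind of primary key, v4 fingerprint, user IDs
    info = {"kind": None, "fingerprint": None, "user_ids": []}
    for tag, body in packets(dearmor(armored)):
        if tag in (5, 6):                   # 5 = secret key, 6 = public key
            info["kind"] = "secret key" if tag == 5 else "public key"
            if tag == 6 and body[0] == 4:   # RFC 4880 12.2: SHA-1(0x99 || len16 || body)
                material = b"\x99" + len(body).to_bytes(2, "big") + body
                info["fingerprint"] = hashlib.sha1(material).hexdigest().upper()
        elif tag == 13:                     # user ID packet
            info["user_ids"].append(body.decode("utf-8", "replace"))
    return info

# Constructed sample (not a usable key): v4 RSA public-key packet + user ID packet.
SAMPLE_KEY = bytes.fromhex("04" "00000000" "01" "0010c5a3" "0011010001")
SAMPLE_UID = b"Test Recipient <recipient@example.org>"
def sample_block(tag=6):
    raw = bytes([0xC0 | tag, len(SAMPLE_KEY)]) + SAMPLE_KEY + bytes([0xCD, len(SAMPLE_UID)]) + SAMPLE_UID
    b64 = base64.b64encode(raw).decode()
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n{b64}\n-----END PGP PUBLIC KEY BLOCK-----\n"
```

On a real key file, call `inspect_key(open('<public_key>.asc').read())`; the result should match the 40-hex-digit fingerprint that `gpg --fingerprint` prints after the import.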

Johnny

Reputation: 15423

The standard PGP encryption process in any language works as follows:

Step 1: Generate your private / public key pair

First generate your OpenPGP key pair e.g. with gnupg. The pair consists of a public key, which is used by the sender to encrypt the data and the private key, which is used by the recipient to decrypt the data.

Step 2: Share your public key and collect public keys of other parties

Each side will need to have the public keys of all the other parties. To do this step, you can give your public key using a USB stick or upload it to a public key server.

Step 3: Encrypt and send your data

You write your data and encrypt it for the recipients. You might also sign the data, which guarantees that the recipient can verify that the data has been created by you. After the encryption you send the data to the recipients.

Step 4: Authentication of data

You don't have to do this step but another benefit of asymmetric encryption such as PGP is that it allows for authentication. After you have exchanged public keys with your partners, the private keys can be used to digitally sign the encrypted content, allowing the decrypting site to verify the authenticity of the sender.

After data encryption is completed with the private key, you encrypt the session key with the public key that's known to the recipient (and maybe other parties as well). After that you can optionally create a hash of the encrypted data and sign this hash with your private key; this is called a signature.

Save the data in, for example, OpenPGP format.

Step 5: Decrypt data and verify signature

If you receive data, you decrypt it, and if the data is signed, you verify the signature to be sure the data was sent by the sender whose public key you have.

Upvotes: 0

user1356386

Reputation:

Public PGP keys can encrypt data and verify signatures. Private PGP keys can decrypt data and sign data. If you have someone's public key, just use it, it won't prompt you for a password.

Upvotes: 2

I assume that you have been given a public OpenPGP key. This one is enough to do encryption of data, which is intended to be decrypted by the person who gave you his public key.

In .NET you can use BouncyCastle or the OpenPGPBlackbox package of our SecureBlackbox product. SecureBlackbox comes with extensive samples and support is offered as well (unlike alternatives).

Upvotes: 2

Argeman

Reputation: 1353

PGP simply works with pairs of private and public keys. The secret password is optional as far as I know.

Upvotes: 1
