PGP general flow (X sends to Y):
On the sending side, X signs with X's private key and encrypts with Y's public key.
On the receiving side, Y verifies with X's public key and decrypts with Y's private key.
Below is an example of using the Seeburger PGP module to sign and encrypt a payload:
The payload goes through MessageTransformBean to convert it from XML to CSV format, and is then passed to the Seeburger PGP module in the module chain to be signed and encrypted.
mode = sign and encrypt (value sign-encrypt)
signDocType = binary. In testing for sign and encrypt, it only worked with binary.
signHashAlg, encryptDocSymAlg and encryptSymAlg can follow the partner's recommended settings.
signMode = twopass, the traditional way to do PGP signing.
encryptKey0 = partner's PGP public key, used to encrypt
signKey = own PGP private key, used to sign
cryptedpasswordSignKeyPass = masked passphrase for own PGP private key. The alternative parameter is signKeyPass, but its password is viewable, not masked.
Module Key | Parameter Name | Parameter Value |
pgp | sourceDest | MainDocument |
pgp | asciiArmor | TRUE |
pgp | compress | FALSE |
pgp | cryptedpasswordSignKeyPass | ***** |
pgp | encryptDocSymAlg | AES-256 |
pgp | encryptKey0 | TRUSTED/SEEPGP/XXXXXXXXXXXXXXXXXXXXX |
pgp | encryptSymAlg | AES-256 |
pgp | mode | sign-encrypt |
pgp | signDocType | binary |
pgp | signHashAlg | SHA-1 |
pgp | signKey | TRUSTED/SEEPGP/XXXXXXXXXXXXXX |
pgp | signMode | twopass |
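As an added example (not Seeburger or SAP code, and not part of the original post), this Python lint parses module parameter rows in the `pgp | name | value |` layout above and checks them against the rules the post states for sign-encrypt mode. The function names `parse_rows` and `lint` are hypothetical, the sample rows are constructed, and the weak-hash check is an added observation rather than a rule from the post.

```python
# Added example: lint a Seeburger PGP module parameter table against the
# rules stated in this post. Not Seeburger or SAP code.

# Constructed sample: rows in the post's layout, with signKeyPass swapped in,
# signDocType changed and encryptKey0 left out, to trigger the findings.
SAMPLE = """\
pgp | mode | sign-encrypt |
pgp | signDocType | text |
pgp | signHashAlg | SHA-1 |
pgp | signKey | TRUSTED/SEEPGP/XXXXXXXXXXXXXX |
pgp | signKeyPass | example-passphrase |
pgp | signMode | twopass |
"""

def parse_rows(text, module_key="pgp"):
    """Return {parameter: value} for rows of the form 'key | name | value |'."""
    params = {}
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().rstrip("|").split("|")]
        if len(cells) == 3 and cells[0] == module_key:
            params[cells[1]] = cells[2]
    return params

def lint(params):
    """Return a sorted list of findings; an empty list means the table passes."""
    findings = []
    if params.get("mode") == "sign-encrypt":
        for required in ("signKey", "encryptKey0"):
            if not params.get(required):
                findings.append(f"missing {required}")
        if params.get("signDocType") != "binary":
            findings.append("signDocType should be binary for sign-encrypt")
        if "signKeyPass" in params:
            findings.append("signKeyPass is viewable; use cryptedpasswordSignKeyPass")
        elif "cryptedpasswordSignKeyPass" not in params:
            findings.append("missing passphrase for signKey")
    # Added check, not from the post: SHA-1 and MD5 are weak for signatures.
    if params.get("signHashAlg", "").upper() in ("SHA-1", "SHA1", "MD5"):
        findings.append("signHashAlg is a weak hash; confirm with partner")
    return sorted(findings)

if __name__ == "__main__":
    for finding in lint(parse_rows(SAMPLE)):
        print("WARN:", finding)
```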
Keep on learning 🙂