PGP Sign
In this article
Overview
This Snap enables you to use PGP to sign a file digitally without encrypting the file.
Pretty Good Privacy (PGP) is a decryption program that provides cryptographic privacy and authentication for data communication. PGP is popularly used to digitally sign, encrypt, or decrypt email messages or files being transferred over the Internet.
Snap Type
The PGP Sign Snap is a Transform-type Snap that allows binary data to be signed using PGP.
Prerequisites
This Snap requires an existing valid PGP Private Key account.
This Snap uses account references created on the Accounts page of SnapLogic Manager called the PGP Public Key Account that stores the public key used for encryption. See Configuring Binary Accounts for information on setting up this type of account.Â
When setting up the account, enter your public PGP key. The credentials setup will automatically encrypt the message.
For signed encryption, this Snap uses account references created on the Accounts page of SnapLogic Manager called the PGP Private Key Account that stores the public and private key used for signed encryption. See Configuring Binary Accounts for information on setting up this type of account.Â
When setting up the PGP Private Key account, enter your public and private PGP keys. The credentials setup will automatically encrypt and sign the message.
Support for Ultra Pipelines
Works in Ultra Pipelines.
Limitations and Known Issues
The Snap might fail while processing very large signed files.Â
Snap Views
Type | Format | Number of Views | Examples of Upstream and Downstream Snaps | Description |
---|---|---|---|---|
Input | Binary  |
|
| This Snap has exactly one binary input view. Each input document contains file to be the signed. Upstream Snaps can be any Snap that produces binary data in the output view, such as File Writer or Decompress. |
Output | Binary |
|
| This Snap has exactly one binary output view. Each output document contains the signature file or the signed, compressed file. Downstream Snaps can be any Snap that accepts binary data in the input view, such as File Writer or Decompress. |
Error | Error handling is a generic way to handle errors without losing data or failing the Snap execution. You can handle the errors that the Snap might encounter when running the pipeline by choosing one of the following options from the When errors occur list under the Views tab:
Learn more about Handling Errors with an Error Pipeline. |
Snap Settings
Asterisk ( * ): Indicates a mandatory field.
Suggestion icon (): Indicates a list that is dynamically populated based on the configuration.
Expression icon ( ): Indicates the value is an expression (if enabled) or a static value (if disabled). Learn more about Using Expressions in SnapLogic.
Add icon ( ): Indicates that you can add fields in the field set.
Remove icon ( ): Indicates that you can remove fields from the field set.
Upload icon ( ): Indicates that you can upload files.
Field Name | Field Type | Description |
---|---|---|
Label Default Value: PGP Sign  | String | Specify the name for the Snap. You can modify this to be more specific, especially if you have more than one of the same Snap in your pipeline.  |
Signature Algorithm Default Value: SHA1 Â Â | Dropdown list | Specify the algorithm to use for the signature. This is the signature algorithm that is used for the actual signature that is being made. Most systems default to SHA1, but other SHA algorithms can be used. |
Use detach sign  Default Value: Not selected  | Checkbox | When selected, the Snap provides only the detached signature of the signing process. This is the equivalent of running with Rather than having the compressed input data and signature in a single binary document, this option provides only the signature of the file as the only output. If you need access to the raw input binary file, use a Binary Copy Snap prior to the PGP Sign Snap and leave this checkbox unselected. |
Use armor output  Default Value: Not selected  | Checkbox | When selected, the output is base64-encoded with a header and footer rather than the binary data. This is the equivalent of running the GnuPG |
Snap Execution  Default Value: Validate & Execute  | Dropdown list | Select one of the three modes in which the Snap executes. Available options are:
 |
Troubleshooting
Error | Reason | Resolution |
---|---|---|
Unable to create signed file | Error reading the key/input data passed | Please verify the key/input data passed |
No valid signing key in provided private key | The key might be expired signing keys or the key pass phrase is not correct | Please verify that the provided private key has non-expired signing keys and that the password is correct |
Examples
PGP Sign a Salesforce File
In this example pipeline we download a file from Salesforce that uses the normal signature, which creates a signed file with the file available.
We then upload the file to S3, where it could be used as a standard signature to pass to a downstream use case for someone to verify.
PGP Sign a Salesforce File (Detached)
This example pipeline shows how to use the Binary Copy Snap to include both the original file stream as well as the signature stream.
We then upload both files to S3 with different names.
Both files could then be verified.
Â
Downloads
Download and import the pipeline into SnapLogic.
Configure Snap accounts, as applicable.
Provide Pipeline parameters, as applicable.