OpenPGP Task

SQL Server 2005, 2008, 2008R2, 2012, 2014


Overview

The OpenPGP Task is an SSIS Control Flow task for encryption and decryption using the OpenPGP (RFC 2440) standard.


Setup

Use the General page of the OpenPGP Task Editor dialog to configure the parameters needed to encrypt or decrypt a file, or to create or verify a file signature.

Parameters

Name

Specify the task name.

Description

Specify the task description.

Action

Specify the task action. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| Encrypt file | Encrypts a file. Selecting this option displays the dynamic parameters IsPublicKeyRingVariable, PublicKeyRing, PublicKeyRingVariable, Key, OutputASCII, OldFormat (1.3 SR-5), IsSourceVariable, Source, SourceVariable, RemoveSource, IsSourceSigned, IsTargetVariable, Target, TargetVariable, OverwriteExisting. |
| Decrypt file | Decrypts a file. Selecting this option displays the dynamic parameters IsSecretKeyRingVariable, SecretKeyRing, SecretKeyRingVariable, Password, IsSourceVariable, Source, SourceVariable, IsTargetVariable, Target, TargetVariable, OverwriteExisting, VerifySignature (1.3 SR-5). |
| Create file signature | Creates a file signature. Selecting this option displays the dynamic parameters IsSecretKeyRingVariable, SecretKeyRing, SecretKeyRingVariable, Key, Password, OutputASCII, IncludeData, IsSourceVariable, Source, SourceVariable, IsSignatureVariable, Signature, SignatureVariable, OverwriteExisting. |
| Verify file signature | Verifies the file signature. Selecting this option displays the dynamic parameters IsPublicKeyRingVariable, PublicKeyRing, PublicKeyRingVariable, ResultVariable, IsSourceVariable, Source, SourceVariable, IsSignatureVariable, Signature, SignatureVariable. |

IsPublicKeyRingVariable

Indicate whether or not the public key ring path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The public key ring path is stored in a variable. Selecting this option displays the dynamic parameter PublicKeyRingVariable. |
| False | The public key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameter PublicKeyRing. |

PublicKeyRing

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager Editor

PublicKeyRingVariable

Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

Key

Select the key(s) from the key ring.

OutputASCII

Select to output 7-bit ASCII data instead of binary data. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | Output in 7-bit ASCII data format. |
| False | Output in binary data format. |

OldFormat (1.3 SR-5)

Use this parameter to create a PGP 2 compatible package. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | Create the package in PGP 2 format. |
| False | Create the package in OpenPGP format. |

IsSourceVariable

Indicate whether or not the source path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The source path is stored in a variable. Selecting this option displays the dynamic parameter SourceVariable. |
| False | The source path is specified in a File connection manager. Selecting this option displays the dynamic parameter Source. |

Source

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager Editor

SourceVariable

Contains the source path or input Stream object. Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

RemoveSource

Select to remove the source file after encryption.

IsTargetVariable

Indicate whether or not the target path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The target path is stored in a variable. Selecting this option displays the dynamic parameter TargetVariable. |
| False | The target path is specified in a File connection manager. Selecting this option displays the dynamic parameter Target. |

Target

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager

TargetVariable

Contains the target path or output Stream object. Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

OverwriteExisting

Use this parameter to indicate that an existing file should be overwritten.

IsSecretKeyRingVariable

Indicate whether or not the secret key ring path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The secret key ring path is stored in a variable. Selecting this option displays the dynamic parameter SecretKeyRingVariable. |
| False | The secret key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameter SecretKeyRing. |

SecretKeyRing

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager

SecretKeyRingVariable

Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

IsSignatureVariable

Indicate whether or not the signature path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The signature path is stored in a variable. Selecting this option displays the dynamic parameter SignatureVariable. |
| False | The signature path is specified in a File connection manager. Selecting this option displays the dynamic parameter Signature. |

Signature

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager

SignatureVariable

Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

ResultVariable

Select an existing user-defined variable, or click <New variable...> to create a new variable. The variable has to be of the type Boolean and it will contain the verification result.

Related Topics: Integration Services Variables, Add Variable

IncludeData (1.3 SR-2)

Select to include the data to be signed.

IsSourceSigned (1.3 SR-2)

Use this parameter to indicate whether or not the source data is OpenPGP signed. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The source OpenPGP data is signed. |
| False | The source OpenPGP data is not signed. |

VerifySignature (1.3 SR-5)

Use this parameter to indicate whether or not to verify the signature during decryption. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | Verify the signature during decryption. Selecting this option displays the dynamic parameters IsSignaturePublicKeyRingVariable, SignaturePublicKeyRing, SignaturePublicKeyRingVariable. |
| False | Do not verify the signature during decryption. |

IsSignaturePublicKeyRingVariable (1.3 SR-5)

Indicate whether or not the signature public key ring path is stored in a variable. This parameter has the options listed in the following table.

| Option | Description |
| --- | --- |
| True | The signature public key ring path is stored in a variable. Selecting this option displays the dynamic parameter SignaturePublicKeyRingVariable. |
| False | The signature public key ring path is specified in a File connection manager. Selecting this option displays the dynamic parameter SignaturePublicKeyRing. |

SignaturePublicKeyRing (1.3 SR-5)

Select an existing File connection manager, or click <New connection...> to create a new connection manager.

Related topics: File Connection Manager

SignaturePublicKeyRingVariable (1.3 SR-5)

Select an existing user-defined variable, or click <New variable...> to create a new variable.

Related Topics: Integration Services Variables, Add Variable

How to create a signed and encrypted package

Creating a signed and encrypted package is a 2-step process:

  • Insert the OpenPGP Task with the action "Create file signature". Set the IncludeData option to true.
  • Insert the OpenPGP Task with the action "Encrypt file". As a source file, select the target file created in the "Create file signature" step. Set the IsSourceSigned option to true.
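
Under OpenPGP, the file written by the first step is signed but not encrypted, so only the target of the second step is confidential. The following added example (not part of the original documentation and not vendor code) reads the outer packet headers of a binary OpenPGP file to tell the two apart before a file leaves the pipeline. The function names and sample bytes are constructed for illustration, and the exact packet layout the task emits is an assumption.

```python
# Added example (not vendor code): inspect outer OpenPGP packet headers (RFC 4880, section 4.2).
TAGS = {1: "pkesk", 2: "signature", 3: "skesk", 4: "one-pass-signature",
        8: "compressed", 9: "encrypted", 11: "literal", 18: "encrypted-mdc"}

def _end_of_new_body(data: bytes, pos: int) -> int:
    """Offset just past a new-format packet body; pos points at its length field."""
    while pos < len(data):
        o = data[pos]
        if o < 192:                                   # one-octet length
            return pos + 1 + o
        if o < 224:                                   # two-octet length
            return pos + 2 + ((o - 192) << 8) + int.from_bytes(data[pos + 1:pos + 2], "big") + 192
        if o == 255:                                  # five-octet length
            return pos + 5 + int.from_bytes(data[pos + 1:pos + 5], "big")
        pos += 1 + (1 << (o & 0x1F))                  # partial chunk, another length follows
    return len(data) + 1                              # ran off the end: caller reports truncation

def outer_packets(data: bytes) -> list:
    """Names of the top-level packets in binary (non-armored) OpenPGP data."""
    names, pos = [], 0
    while pos < len(data):
        first = data[pos]
        if not (first & 0x80):
            raise ValueError(f"no OpenPGP packet header at offset {pos}")
        if first & 0x40:                              # new-format header
            tag, pos = first & 0x3F, _end_of_new_body(data, pos + 1)
        elif (first & 0x03) == 3:                     # old format, indeterminate length
            tag, pos = (first >> 2) & 0x0F, len(data)
        else:                                         # old format, 1/2/4 length octets
            size = 1 << (first & 0x03)
            tag = (first >> 2) & 0x0F
            pos += 1 + size + int.from_bytes(data[pos + 1:pos + 1 + size], "big")
        if pos > len(data):
            raise ValueError("truncated packet")
        names.append(TAGS.get(tag, f"tag-{tag}"))
    return names

def outer_layer(data: bytes) -> str:
    """'armored', 'encrypted' or 'not-encrypted', judged from the outer packets only."""
    if data.lstrip().startswith(b"-----BEGIN PGP "):
        return "armored"                              # OutputASCII = True: de-armor first
    names = outer_packets(data)
    keys = [n for n in names if n in ("pkesk", "skesk")]
    rest = names[len(keys):]
    ok = keys and names[:len(keys)] == keys and rest in (["encrypted"], ["encrypted-mdc"])
    return "encrypted" if ok else "not-encrypted"

# Constructed samples: bodies are zero filler, only the packet headers are meaningful.
SIGNED_ONLY = bytes([0xC4, 13]) + bytes(13) + bytes([0xCB, 8]) + b"b" + bytes(5) + b"hi" + bytes([0xC2, 4]) + bytes(4)
SIGNED_THEN_ENCRYPTED = bytes([0x85, 0, 3]) + bytes(3) + bytes([0xD2, 5]) + bytes(5)
```

The signature of a signed-then-encrypted file sits inside the encrypted packet, so this check confirms confidentiality of the outer layer only; the signature itself is checked at decryption time (see VerifySignature).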

Samples

  • For a sample showing how to stream data without intermediate storage, see this package.
  • For a sample showing how to create data in-memory in data flow, encrypt and stream without intermediate storage, see this package.