OpenPGP Decryption Inquiry

Hello All,

My customer encrypted their file using their private key and then gave me their public key for me to decrypt it. I wanted to use the OpenPGP package and so far I am trying out this flow containg these:

–>wm.openpgp:getProperty (command decyptfile)
–>wm.openpgp:getProperty (pgp home)
–>pub.string:messageFormat
–>pub.file:getFile
–>wm.openpgp:execPGPb

When I try to run the flow, here are the results:

status: 0
error:

gpg: WARNING: unsafe permissions on homedir `/opt/SoftwareAG/webMethods712/gnupg’
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: encrypted with 2048-bit ELG-E key, ID 0F681253, created 2009-09-21
B2B-Test@testemail.com (Dev/Test/QA) B2BHelpdesk@testemail.com

output:

A string containing some random number and texts

I would like to ask where should I place the public keys given to me by my customer so that I can properly decrypt the file?

I am very new to this, so I am not that sure if I’m on the right path in solving this requirement.

Thanks,
Dee

I know this is a year-old thread, but I thought I’d provide a belated answer to the query in case someone else needs the info.

The root issue here is that the attempted approach is backwards. Encrypted files cannot be decrypted using a public key.

To exchange encrypted files with someone, here are the steps.

  1. Each party should generate their own private/public key pair. The private key should be closely guarded and protected and never shared with anyone.

  2. The parties provide their public key to each other.

  3. When party A is to send a file to party B, party A uses the B public key to encrypt the file. Then party B can decrypt it using their private key.

  4. For B to A, use the A public key to encrypt.

A common technique to help with file management and troubleshooting is for the sending party to “encrypt to self” as well as for the receiving party. For example, when A sends to B, A uses the B public key as well as its own public key to encrypt. That way A and B can decrypt the file. How this is done depends upon the tool being used (gnupg uses a configuration file).

Hope this helps.