Cryptography - Decrypt and verify

Declaration

<AMCRYPTOGRAPHY ACTIVITY="decrypt_verify" SUBFOLDERS="yes/no" 
KEEPFOLDERSTRUCT="yes/no" OVERWRITE="yes/no" 
ISNEWER="yes/no" ONLYIFEXIST="yes/no" OVERWRITEREADONLY="yes/no" 
OVERWRITEHIDDEN="yes/no" ARCHIVETURNOFF="yes/no" 
MATCHCASE="yes/no" EXCLUDE="text" RE="yes/no" 
INPUTFILE="text" OUTPUTFILE="text" RESULTDATASET="text" 
PUBKEYRINGPATH="text" SECKEYRINGPATH="text" 
PASSPHRASE="text (encrypted)" USEOLDPACKETS="YES/NO" 
TAR="YES/NO" REMOVEEXTENSION="text" />

Description: Decrypts and verifies one or more files in a single automated sequence.

Practical Usage

Typically used to decrypt and verify files previously encrypted and signed by the Encrypt and Sign activity.

General Parameters

Property	Type	Required	Default	Markup	Description
Source	Text	Yes	(Empty)	INPUTFILE="c:\source\file.txt" INPUTFILE="c:\source\*.txt"	The path and filename of the file(s) to decrypt. Wildcard characters (e.g., * or ?) can be used to decrypt files matching a certain mask.
Destination	Text	Yes	User	OUTPUTFILE="c:\destfile.txt" OUTPUTFILE="c:\dest\	The destination folder and (optional) filename to place the newly decrypted file(s). Folders that do not exist will be automatically created at runtime.
Create and populate decrypt dataset	Text	Yes	(Empty)	RESULTDATASET="theResult"	The name of the dataset to create and populate with results of this activity. More details regarding individual dataset names and return values can be found below under Datasets.
Public keyring file(s)	Text	Yes	(Empty)	PUBKEYRINGPATH= "c:\foldername\file.pkr"	Specifies the path and filename of the PGP, OpenPGP or GnuPG Public Keyring file. Entering a valid Public Keyring file along with a matching Secret Keyring file will populate the PGP tab with the appropriate signature information. This parameter is active only if the Type parameter located in the General tab is set to PGP Public/Private Key or OpenPGP Public/Private Key.
Secret keyring file(s)	Text	Yes	(Empty)	SECKEYRINGPATH= "c:\foldername\file.skr"	Specifies the path and filename of the PGP, OpenPGP or GnuPG secret keyring file. Entering a valid Public Keyring file along with a matching Secret Keyring file will populate the PGP tab with the appropriate signature information. This parameter is active only if the Type parameter located in the General tab is set to OpenPGP Public/Private Key.

Recipient/Signer Paramters


Property	Type	Required	Default	Markup	Description
Passphrase	Text	Yes	(Empty)	PASSWORD="encrypted"	The passphrase required to validate and decrypt the selected file(s). A passphrase is similar to a password but typically longer for added security.
Auto select verifying keys	Yes/No	No	Yes	AUTOVERIFY="no"	If set to YES, verifying keys will be automatically selected. Set to YES by default.
Email or Name	Text	No	(Empty)	KEYID=John@netauto.com	Specifies the OpenPGP key ID (normally an email address or name) used to decrypt the file(s). If more than one email/name is entered (along with the associated password), during runtime, this activity will read through the list and select the appropriate one. Click Select recipient(s) to open a standard explorer dialog and navigate to the desired recipient(s). NOTE: The User section becomes populated with the user information associated with the Public Keyring File and Secret Keyring File entered under the Key Options tab. This will allow for choosing users during design time. The User portion is only helpful during design if referencing a keyring that is available.
Password	Text	No	(Empty)	PASSWORD=password	Specifies the passphrase related to the information entered under the Email or Name field. NOTE: The User section becomes populated with the user information associated with the Public Keyring File and Secret Keyring File entered under the Key Options tab. This will allow for choosing users during design time. The User portion is only helpful during design if referencing a keyring that is available.

Advanced Parameters

Property	Type	Required	Default	Markup	Description
Use new features (PGP > 6.5.x)	Yes/No	No	Yes	FONT="Times New Roman"	If set to YES (default), newer PGP features introduced in version 6.5.x will be supported.
Use old packets (PGP 2.3.x, 6.5.x)	Yes/No	No	Yes	SIZE="10"	If set to YES, older PGP encryption algorithm will be supported. Set to NO by default.
Extract TAR archive	Yes/No	No	Yes	FORGROUNDCOLOR="Blue"	If set to YES, TAR archives will be extracted. Set to NO by default.
Remove extension (e.g., .enc)	Text	No	(Empty)	BACKGROUNDCOLOR="SeaShell"	The extension to remove (if any).

File Options Parameters

Property	Type	Required	Default	Markup	Description
Include subfolders	Yes/No	No	No	SUBFOLDERS="YES"	If set to YES, specifies that, if present, subfolders should be searched for files matching the mask specified in the Source parameter. The default value is set to NO.
Preserve folder structure	Yes/No	No	Yes	KEEPFOLDERSTRUCT="NO"	If set to YES, specifies that subfolders found in the source folder should be created in the destination folder, and source files should be decrypted into their respective folders rather than directly into the root of the folder specified in the Destination parameter. Valid only if the Include subfolder parameter is set to YES.
Overwrite if exists	Yes/No	No	No	OVERWRITE="YES"	If set to YES, specifies that, if destination files already exist, they should be overwritten. The default value is set to NO.
Only if newer	Yes/No	No	No	ISNEWERTHAN="YES"	If set to YES, indicates that only files that are newer than those in the destination folder will overwrite existing files. Valid only if the Overwrite if Exists parameter is set to YES.
Only if exists in destination	Yes/No	No	No	ONLYIFEXIST="YES"	If set to YES, specifies that only files that already exist in the destination will be decrypted from the source. All other files, regardless of whether they match the mask or other parameter settings will be bypassed. Valid only if the Overwrite if Exists parameter is set to YES.
Overwrite read-only files	Yes/No	No	No	OVERWRITEREADONLY="YES"	If set to YES, indicates that already existing files should be overwritten even if the file in the destination is marked with the "read-only" attribute. By default, read only files are not overwritten. Valid only if the Overwrite if Exists parameter is set to YES.
Overwrite hidden files	Yes/No	No	No	OVERWRITEHIDDEN="YES"	If set to YES, specifies that already existing files should be overwritten even if the file in the destination is marked with the "hidden" attribute. By default, hidden files are not overwritten. Valid only if the Overwrite if Exists parameter is set to YES.
Turn archive attribute off	Yes/No	No	No	ARCHIVETURNOFF="YES"	If set to YES, denotes that the "archive" attribute of the source file should be switched OFF. The Windows "archive" attribute is generally used to track whether a file has been backed-up. By turning the source file's archive attribute off; this indicates to many backup programs that the file has already been backed-up.
Exclude mask	Text	No	(Empty)	EXCLUDE="*.txt"	Causes this action to omit decrypting files matching the mask(s) specified. Filenames or wildcard masks may be used. Multiple entries may be specified by separating them with a pipe symbol (\|). For example: .txt\|.bak.
Regular expression	Yes/No	No	No	RE="YES"	If set to YES, specifies that a regular expression is used in the Exclude Mask field.
Only if newer than	Date	No	(Empty)	ISNEWERTHAN= "%DateSerial(2007,10,12) + TimeSerial(00,00,00)%"	Causes this action to only decrypt files if the source is newer than the date/time specified. If this parameter is left blank or not included, the date of the file(s) will be ignored (excluding Only if newer parameter).
Only if older than	Date	No	(Empty)	ISOLDERTHAN= "%DateSerial(2007,10,12) + TimeSerial(00,00,00)%"	Causes this action to only decrypt files if the source is older than the date/time specified. If this parameter is left blank or not included, the date of the file(s) will be ignored (excluding Only if newer parameter).

File Attributes Parameters

Property	Type	Required	Default	Markup	Description
Attributes	Text Options	No	(Empty)	ATTRFILTER="+R+A-H" (decrypt read-only & archive files but not hidden files)	This group of settings causes the action to filter which files are decrypted based on the attribute settings of the source file(s). In visual mode, a group of controls are provided to assist in the selection of this parameter. In markup mode, a single text item must be specified that contains the attributes of the files you wish to decrypt. Available options are: R = Read-only: Specifying "+R" causes files with this attribute turned on to be included, "-R" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. A = Archive: Specifying "+A" causes files with this attribute turned on to be included, "-A" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. S = System: Specifying "+S" causes files with this attribute turned on to be included, "-S" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. H = Hidden: Specifying "+R" causes files with this attribute turned on to be included, "-H" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. span style="font-weight: bold;">C = Compression: Specifying "+C" causes files with this attribute turned on to be included, "-C" causes files with this attribute turned off to be included; not specifying the letter (default) causes this attribute to be ignored.

Property

Type

Required

Default

Markup

Description

Attributes

Text Options

(Empty)

ATTRFILTER="+R+A-H" (decrypt read-only & archive files but not hidden files)

This group of settings causes the action to filter which files are decrypted based on the attribute settings of the source file(s). In visual mode, a group of controls are provided to assist in the selection of this parameter. In markup mode, a single text item must be specified that contains the attributes of the files you wish to decrypt. Available options are:

R = Read-only: Specifying "+R" causes files with this attribute turned on to be included, "-R" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
A = Archive: Specifying "+A" causes files with this attribute turned on to be included, "-A" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
S = System: Specifying "+S" causes files with this attribute turned on to be included, "-S" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
H = Hidden: Specifying "+R" causes files with this attribute turned on to be included, "-H" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
span style="font-weight: bold;">C = Compression: Specifying "+C" causes files with this attribute turned on to be included, "-C" causes files with this attribute turned off to be included; not specifying the letter (default) causes this attribute to be ignored.

Description tab - A custom description can be provided on the Description tab to convey additional information or share special notes about a task step.

Error Causes tab - Specify how this step should behave upon the occurrence of an error. (Refer to Task Builder > Error Causes Tab for details.)

On Error tab - Specify what AWE should do if this step encounters an error as defined on the Error Causes tab. (Refer to Task Builder > On Error Tab for details.)

Comparing Machine-Level and User-Level RSA Key Containers

User-level RSA key containers are stored with the Windows user profile for a particular user and can be used to encrypt and decrypt information for applications that run under that specific user identity. User-level RSA key containers can be useful if you want to ensure that the RSA key information is removed when the Windows user profile is removed. However, because you must be logged in with the specific user account that makes use of the user-level RSA key container to encrypt or decrypt protected configuration sections, they are inconvenient to use.

Machine-level RSA key containers are available to all users that can log in to a computer, by default, and are the most useful as you can use them to encrypt or decrypt protected configuration sections while logged in with an administrator account. A machine-level RSA key container can be used to protect information for a single application, all the applications on a server, or a group of applications on a server that run under the same user identity. Although machine-level RSA key containers are available to all users, they can be secured with NTFS Access Control Lists (ACLs) so that only required users can access them.

v10 | 202208121109

Copyright Help/Systems LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.