Cryptography

Cryptography - Sign

Declaration

<AMSIGN INPUTFILE="text" OUTPUTFILE="text" SUBFOLDERS="Yes/No" 
OVERWRITE="Yes/No" ISNEWER="Yes/No" PUBKEYRINGPATH="text" 
SECKEYRINGPATH="text">
<SIGNATURE KEYID="text" PASSWORD="text" />
</AMSIGN>

Description: Digitally signs a file using the specified private key(s). The files can be signed by multiple keys.

Practical Usage

Protects files from being tampered with by digitally signing them. Digital signing uses a key pair and encrypts the message to be signed with the private key to produce a signature file. The Verify action can later be used to validate and decrypt the signature.

General Parameters

Property	Type	Required	Default	Markup	Description
Source	Text	Yes	(Empty)	INPUTFILE="c:\Folder\file.txt" INPUTFILE="c:\Folder\*.txt"	The path and file name of the file(s) to be digitally signed. Wildcard characters such as asterisk (*) and question mark (?) can be used to encrypt files matching a certain mask.
Destination	Text	Yes	(Empty)	OUTPUTFILE="c:\Folder\file.txt" OUTPUTFILE="c:\DestFolder\	The destination folder and (optional) filename of the file(s) to be digitally signed. Folders that do not exist will be automatically created at runtime.
Public Keyring File	Text	Yes	(Empty)	PUBKEYRINGPATH="c:\Folder\File.pkr"	The path and filename of the PGP, OpenPGP or GnuPG Public Keyring file. Entering a valid Public Keyring file along with a matching Secret Keyring file will populate the Signatures tab with the appropriate signature information.
Secret Keyring File	Text	Yes	(Empty)	SECKEYRINGPATH="c:\Folder\File.skr"	The path and filename of the PGP, OpenPGP or GnuPG secret keyring file. Entering a valid Public Keyring file along with a matching Secret Keyring file will populate the Signatures tab with the appropriate signature information.

Options Parameters

Property	Type	Required	Default	Markup	Description
Include Subfolders	Yes/No	No	No	SUBFOLDERS="YES"	If set to YES, specifies that, if present, subfolders should be searched for files matching the mask specified in the Source parameter. The default value is set to NO.
Preserve Folder Structure	Yes/No	No	Yes	KEEPFOLDERSTRUCT="NO"	If set to YES, specifies that subfolders found in the source folder should be created in the destination folder, and source files should be decrypted into their respective folders rather than directly into the root of the folder specified in the Destination parameter. Valid only if the Include subfolders parameter is set to YES.
Overwrite if Exists	Yes/No	No	No	OVERWRITE="YES"	If set to YES, specifies that, if destination files already exist, they should be overwritten. The default value is set to NO.
Only if Newer	Yes/No	No	No	ISNEWERTHAN="YES"	If set to YES, indicates that only files that are newer than those in the destination folder will overwrite existing files. Valid only if the Overwrite if Exists parameter is set to YES.
Only if Exists in Destination	Yes/No	No	No	ONLYIFEXIST="YES"	If set to YES, specifies that only files that already exist in the destination will be decrypted from the source. All other files, regardless of whether they match the mask or other parameter settings will be bypassed. Valid only if the Overwrite if Exists parameter is set to YES.
Overwrite Read-Only Files	Yes/No	No	No	OVERWRITEREADONLY="YES"	If set to YES, indicates that already existing files should be overwritten even if the file in the destination is marked with the "read-only" attribute. By default, read only files are not overwritten. Valid only if the Overwrite if Exists parameter is set to YES.
Overwrite Hidden Files	Yes/No	No	No	OVERWRITEHIDDEN="YES"	If set to YES, specifies that already existing files should be overwritten even if the file in the destination is marked with the "hidden" attribute. By default, hidden files are not overwritten. Valid only if the Overwrite if Exists parameter is set to YES.
Turn Archive Attribute Off	Yes/No	No	No	ARCHIVETURNOFF="YES"	If set to YES, denotes that the "archive" attribute of the source file should be switched OFF. The Windows "archive" attribute is generally used to track whether a file has been backed-up. By turning the source file's archive attribute off—this indicates to many backup programs that the file has already been backed-up.
Exclude Mask	Text	No	(Empty)	EXCLUDE="*.txt"	Causes this action to omit decrypting files matching the mask(s) specified. Filenames or wildcard masks may be used. Multiple entries may be specified by separating them with a pipe symbol (\|). For example: .txt\|.bak.
Regular Expression	Yes/No	No	No	RE="YES"	If set to YES, specifies that a regular expression is used in the Exclude Mask field.
Only if Newer Than	Date	No	(Empty)	ISNEWERTHAN= "%DateSerial(2007,10,12) + TimeSerial(00,00,00)%"	Causes this action to only decrypt files if the source is newer than the date/time specified. If this parameter is left blank or not included, the date of the file(s) will be ignored (excluding Only if newer parameter).
Only if Older Than	Date	No	(Empty)	ISOLDERTHAN= "%DateSerial(2007,10,12) + TimeSerial(00,00,00)%"	Causes this action to only decrypt files if the source is older than the date/time specified. If this parameter is left blank or not included, the date of the file(s) will be ignored (excluding Only if newer parameter).

Attributes Parameters

Property	Type	Required	Default	Markup	Description
Attributes	Text Options	No	(Empty)	ATTRFILTER="+R+A-H" (decrypt read-only & archive files but not hidden files)	This group of settings causes the action to filter which files are decrypted based on the attribute settings of the source file(s). In visual mode, a group of controls are provided to assist in the selection of this parameter. In markup mode, a single text item must be specified that contains the attributes of the files you wish to decrypt. The available options are: R—Read-only: Specifying "+R" causes files with this attribute turned on to be included, "-R" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. A—Archive: Specifying "+A" causes files with this attribute turned on to be included, "-A" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. S—System: Specifying "+S" causes files with this attribute turned on to be included, "-S" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. H—Hidden: Specifying "+R" causes files with this attribute turned on to be included, "-H" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored. C—Compression: Specifying "+C" causes files with this attribute turned on to be included, "-C" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.

Property

Type

Required

Default

Markup

Description

Attributes

Text Options

(Empty)

ATTRFILTER="+R+A-H" (decrypt read-only & archive files but not hidden files)

This group of settings causes the action to filter which files are decrypted based on the attribute settings of the source file(s). In visual mode, a group of controls are provided to assist in the selection of this parameter. In markup mode, a single text item must be specified that contains the attributes of the files you wish to decrypt. The available options are:

R—Read-only: Specifying "+R" causes files with this attribute turned on to be included, "-R" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
A—Archive: Specifying "+A" causes files with this attribute turned on to be included, "-A" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
S—System: Specifying "+S" causes files with this attribute turned on to be included, "-S" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
H—Hidden: Specifying "+R" causes files with this attribute turned on to be included, "-H" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.
C—Compression: Specifying "+C" causes files with this attribute turned on to be included, "-C" causes files with this attribute turned off to be included, not specifying the letter (default) causes this attribute to be ignored.

Signatures Parameters

Property	Type	Required	Default	Markup	Description
Email or Name	Text	Yes	(Empty)	KEYID="Jay@netauto.com"	Specifies the name or e-mail address used to locate the private key. Existing signatures (populated using the Public Keyring File and Secret Keyring File parameters located in the General tab) can be added by selecting the signature and clicking the Add button or simply double-clicking the signature. To manually enter an e-mail address or name along with keyring passphrase, click the Create button and enter the email address or unique name and associated passphrase in the appropriate fields. To remove a signature, select it from the list and click the Remove button. NOTE: At least one signature is required. Therefore, one e-mail address or name from the keyring along with its keyring passphrase needs to be entered. If there is no password associated with the email address or name in the keyring, then the Passphrase field can be left blank. Additionally, if no name or email address is used to identify the key, make sure to empty the Email or Name field of any contents.
Passphrase	Text	Yes	(Empty)	PASSWORD="encrypted"	Specifies the passphrase to be added to the private key. Existing signatures (populated using the Public Keyring File and Secret Keyring File parameters located in the General tab) can be added by selecting the signature and clicking the Move Up button or simply double-clicking the signature. To manually enter an e-mail address or name along with keyring passphrase, click the Add button and enter the e-mail or name and passphrase in the appropriate fields. To remove a signature, select it from the list and click the Remove button. NOTE: At least one signature is required. Therefore, one email address or name from the keyring along with its keyring passphrase needs to be entered. If there is no password associated with the e-mail address or name in the keyring, then the Passphrase field can be left blank. Additionally, if no name or e-mail address is used to identify the key, make sure to empty the Email or Name field of any contents.

Property

Type

Required

Default

Markup

Description

Email or Name

Text

Yes

(Empty)

KEYID="Jay@netauto.com"

Specifies the name or e-mail address used to locate the private key. Existing signatures (populated using the Public Keyring File and Secret Keyring File parameters located in the General tab) can be added by selecting the signature and clicking the Add button or simply double-clicking the signature.

To manually enter an e-mail address or name along with keyring passphrase, click the Create button and enter the email address or unique name and associated passphrase in the appropriate fields.

To remove a signature, select it from the list and click the Remove button.

NOTE: At least one signature is required. Therefore, one e-mail address or name from the keyring along with its keyring passphrase needs to be entered. If there is no password associated with the email address or name in the keyring, then the Passphrase field can be left blank. Additionally, if no name or email address is used to identify the key, make sure to empty the Email or Name field of any contents.

Passphrase

Text

Yes

(Empty)

PASSWORD="encrypted"

Specifies the passphrase to be added to the private key. Existing signatures (populated using the Public Keyring File and Secret Keyring File parameters located in the General tab) can be added by selecting the signature and clicking the Move Up button or simply double-clicking the signature.

To manually enter an e-mail address or name along with keyring passphrase, click the Add button and enter the e-mail or name and passphrase in the appropriate fields.

To remove a signature, select it from the list and click the Remove button.

NOTE: At least one signature is required. Therefore, one email address or name from the keyring along with its keyring passphrase needs to be entered. If there is no password associated with the e-mail address or name in the keyring, then the Passphrase field can be left blank. Additionally, if no name or e-mail address is used to identify the key, make sure to empty the Email or Name field of any contents.

Description tab - A custom description can be provided on the Description tab to convey additional information or share special notes about a task step.

Error Causes tab - Specify how this step should behave upon the occurrence of an error. (Refer to Task Builder > Error Causes Tab for details.)

On Error tab - Specify what AWE should do if this step encounters an error as defined on the Error Causes tab. (Refer to Task Builder > On Error Tab for details.)

Example

The sample AML code below can be copied and pasted directly into the Steps panel of the Task Builder.

Description: Sign file(s) "C:\Temp\File.txt".Save signed file(s) at "C:\Destination\". Use account(s) "joe@mycompany.com" for the key.

<AMSIGN INPUTFILE="C:\Temp\File.txt" OUTPUTFILE="C:\Destination\" 
PUBKEYRINGPATH="C:\Temp\pubring.pkr" 
SECKEYRINGPATH="C:\Temp\secring.skr">
<SIGNATURE 
KEYID="joe@mycompany.com" 
PASSWORD="AM1x0Rx3fdK69IS3DxCeTETzrB39vWw8bCt21xzAk26Acw=aME" />
</AMSIGN>

v10 | 202208121109

Copyright Help/Systems LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.