PGP Encryption in MuleSoft
We can use a vendor-provided PGP public key to encrypt data or files and send them to the vendor. Once the vendor receives the encrypted content, they can decrypt it with their private key. The vendor can share the public key with either an .asc (text) or a .gpg (binary) extension. Let's see how PGP encryption works in MuleSoft.
Before that, if you want to understand PGP from the beginning, please go through the tutorials below.
- PGP Introduction and Kleopatra tool for Key management
- Generate Private Public PGP key
- Vendor Provided PGP Public Key
PGP Encryption – We need two things to encrypt in MuleSoft
- Public Key in gpg format
- Fingerprint
For this POC we will use the public key we created in our earlier tutorial – Generate Private Public PGP key
To use a subkey instead of the fingerprint (which by default is the primary subkey), see – Subkey in PGP Encryption
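Before the key file goes into the project, its fingerprint can be read straight from the file and compared with the value the vendor communicated. The Python below is an added example, not part of the original tutorial or of MuleSoft's tooling; it handles version 4 keys only, and the function names and the sample key bytes are constructed for illustration.

```python
import base64, hashlib, struct

def dearmor(text):
    """ASCII-armored (.asc) key text -> binary (.gpg) bytes. The CRC line is skipped, not checked."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    start = lines.index("") + 1  # a blank line ends the armor headers
    return base64.b64decode("".join(
        ln for ln in lines[start:] if not ln.startswith(("=", "-----"))))

def read_packets(data):
    """Yield (tag, body) for each OpenPGP packet (RFC 4880, section 4.2)."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header: length is 1, 2 or 5 octets
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body length not supported")
        else:  # old-format header: the low two bits give the length size
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            size = (1, 2, 4)[ltype]
            length, i = int.from_bytes(data[i:i + size], "big"), i + size
        yield tag, data[i:i + length]
        i += length

def key_fingerprints(data):
    """[(kind, fingerprint, long_key_id)] for v4 primary keys (tag 6) and subkeys (tag 14)."""
    found = []
    for tag, body in read_packets(data):
        if tag in (6, 14) and body[:1] == b"\x04":  # v4: SHA-1 over 0x99, 2-octet length, body
            fpr = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()
            found.append(("primary" if tag == 6 else "subkey", fpr, fpr[-16:]))
    return found

# Constructed sample: well-formed v4 RSA key packets with dummy numbers, not a usable key.
def sample_body(created):
    return b"\x04" + struct.pack(">I", created) + b"\x01\x00\x10\xc3\x51\x00\x11\x01\x00\x01"
SAMPLE = (b"\x99\x00\x0f" + sample_body(1) + b"\xcd\x04test"  # primary key, then a user ID packet
          + b"\xb9\x00\x0f" + sample_body(2))                  # subkey
```

For a real key, read the .gpg file in binary mode and pass the bytes to `key_fingerprints`, or read the .asc file as text and pass it through `dearmor` first.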
Let’s create a project in MuleSoft
Add the Crypto connector to the Mule Palette – check out this tutorial on how to add a module in Anypoint Studio
Drag and drop PGP encrypt and Logger into the flow
Add the PGP public key file, Public_4232E6BD7151FF89D9F755807AC70C45987C59AA.gpg, to resources
Click on the PGP encrypt connector and click Add configuration
Populate Public keyring with the name of the public key file we placed in resources
- Click the Add symbol to add the fingerprint detail
- Add the Key id and Fingerprint details
Click Finish
Add the same Key Id in the Key Selection box
In the logger we will capture the encrypted payload
Now run the application and test the endpoint in SOAP UI
We can see the encrypted details in response
We can cross-check the encrypted message online – https://8gwifi.org/pgpencdec.jsp
PGP MuleSoft application – pgp-sample-service
PGP SOAP UI application – PGP-Sample-soapui-project