Elektra
0.9.10
|
The gpgme
plugin is a filter plugin that enables users to encrypt values before they are persisted and to decrypt values after they have been read from a backend. The encryption and decryption is designed to work transparently.
The cryptographic operations are performed by GnuPG via the libgpgme
library.
See installation. The package is called libelektra5-experimental
.
libgpgme11
version 1.10 or laterThe plugin has been tested on Ubuntu 18.04 with libgpgme
version 1.10.
You can mount the plugin like this:
Now you can specify a key user:/t/a
and protect its content by using:
The value of user:/t/a
(for this example: "secret") will be stored encrypted. You can still access the original value by using kdb get
:
The GPG recipient keys can be specified in two ways:
encrypt/key
directly.encrypt/key
.The following example illustrates how multiple GPG recipient keys can be specified:
gpgme
operates in textmode per default. In textmode the output of GPG is ASCII armored.
Textmode can be disabled by setting /gpgme/textmode
to 0
in the plugin configuration.
The encrypted values are valid PGP messages, that can be decrypted and read solely by the GnuPG binary without Elektra.