Elektra
0.9.5
|
The gpgme
plugin is a filter plugin that enables users to encrypt values before they are persisted and to decrypt values after they have been read from a backend. The encryption and decryption is designed to work transparently.
The cryptographic operations are performed by GnuPG via the libgpgme
library.
libgpgme11
version 1.10 or laterThe plugin has been tested on Ubuntu 18.04 with libgpgme
version 1.10.
You can mount the plugin like this:
Now you can specify a key user:/t/a
and protect its content by using:
The value of user:/t/a
(for this example: "secret") will be stored encrypted. You can still access the original value by using kdb get
:
The GPG recipient keys can be specified in two ways:
encrypt/key
directly.encrypt/key
.The following example illustrates how multiple GPG recipient keys can be specified:
gpgme
operates in textmode per default. In textmode the output of GPG is ASCII armored.
Textmode can be disabled by setting /gpgme/textmode
to 0
in the plugin configuration.
The encrypted values are valid PGP messages, that can be decrypted and read solely by the GnuPG binary without Elektra.