Encryption and Digital Signatures using GPG

DISCLAIMER: Author is not an expert in cryptography (he is not an expert in anything really). Use this stuff at your own risk. If you find bugs or inaccuracies, please create an issue or PR on the github repository.

GPG basics

The GNU Privacy Guard, also known as GnuPG or simply GPG, is a popular open source OpenPGP (RFC4880) implementation. The system is widely trusted for securing integrity and confidentiality of internet communications through various cryptographic methods. GPG is used in Debian and Redhat to verify downloads from package managers (apt, yum) and people like Edward Snowden and Glenn Greenwald use it to encrypt confidential emails.

Public key crypto

Like most modern crypto systems, GPG makes use of public key methods. You can easily generate a personal keypair which consists of a private key and corresponding public key.

Your private key is to be kept secret and needed to sign or decrypt messages. The corresponding public key should be made available to anyone that needs to verify your signature, or encrypt messages which can only be decrypted by you.

Once we have someone’s public key, we can send them secure messages and verify their signatures. However how do we find and authenticate the public key of a person or server if we have not talked to them before?

Web of trust

The complexity in public key systems derives from authenticating public keys. If we can not trust our communication channel to be safe, we can only be sure that a public key belongs to given person if it has been signed by someone that we do trust.

The major difference between GPG and PKI systems (such as HTTPS) is how we authenticate public keys. HTTPS is based on a system with Certificate Authorities (CA). Anyone can create a keypair for any domain/personal name, however we only trust public keys which have been signed by an official CA. This CA is typically a commercial vendor which verifies your identity (e.g. via a copy of your passport) and then uses their own keypair to sign a certificate containing your public key and your personal name / email / domain.

GPG uses a different system which does not distinguish between peers and authorities. In GPG, anyone can sign another persons key. The GPG user determines which peers they choose to trust in their personal keyring. For new peers, the GPG software helps you figure out which of your current peers has verified the identity of the new peer, perhaps indirectly via a third or fourth peer, and so on: a “web of trust”.

The easiest way to exchange public keys and key signatures is via a keyserver. GPG is compatible with existing PGP key servers. These servers mirror each other so most keys are available on either one. This package automatically retrieves keys and signatures via the gpg_recv function.

• https://pgp.mit.edu
• https://keyserver.ubuntu.com

GPG keyservers do not need HTTPS. One should only trust GPG keys on basis of GPG signatures, regardless of how they were obtained. For this reason it is also valid to share GPG public keys via e.g. a website or email.

Your keyring

It is important to know which version of GPG you are running and where your home dir is. Your home directory contains your configuration and the keyrings. GPG defaults to your system keyring, which is the same as the gpg command line utility and system package manager use.

str(gpg_info())

List of 5
 $ gpgconf: chr "/usr/local/bin/gpgconf"
 $ gpg    : chr "/usr/local/Cellar/gnupg/2.2.17/bin/gpg"
 $ version:Class 'numeric_version'  hidden list of 1
  ..$ : int [1:3] 2 2 17
 $ home   : chr "/Users/jeroen/.gnupg"
 $ gpgme  :Class 'numeric_version'  hidden list of 1
  ..$ : int [1:3] 1 13 1

Use gpg_restart to switch to another home directory, e.g. for a client which uses its own configuration and keyrings. For this example we store keys in a temporary directory.

gpg_restart(home = tempdir())

gpg (GnuPG) 2.2.17
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/jeroen/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Use gpg_list_keys() to see the current contents of your keyring. It is empty to start with:

gpg_list_keys()

[1] id    name  email
<0 rows> (or 0-length row.names)

Generate keys

Use gpg_keygen() to generate a new public private keypair:

(mykey <- gpg_keygen(name = "Jerry", email = "jerry@gmail.com"))

[1] "BC79DBE3ED0C2B22"

gpg_list_keys()

                id  name           email
1 BC79DBE3ED0C2B22 Jerry jerry@gmail.com

Import from keyserver

Use the gpg_recv function to download a given key and all available signatures for this key from a keyserver. For example let’s import the public key from Michael Rutter which is used to sign the Ubuntu r-base packages from CRAN:

gpg_recv(id ="51716619E084DAB9")

Searching: https://keyserver.ubuntu.com

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

(keyring <- gpg_list_keys())

                id           name              email
1 BC79DBE3ED0C2B22          Jerry    jerry@gmail.com
2 51716619E084DAB9 Michael Rutter marutter@gmail.com

Note that for imported keys, we do not have the private key:

(secring <- gpg_list_keys(secret = TRUE))

                id  name           email
1 BC79DBE3ED0C2B22 Jerry jerry@gmail.com

Import from file

The gpg_import function reads an armored GPG key from a file or URL:

gpg_import("https://stallman.org/rms-pubkey.txt")

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

However this file does not contain any signatures for this key. If we import it from a keyserver we also get the signatures:

(rms_id <- gpg_list_keys("rms")$id)

[1] "2C6464AF2A8E4C02"

gpg_recv(rms_id)

Searching: https://keyserver.ubuntu.com

     found   imported    secrets signatures    revoked 
         1          0          0        194          0 

gpg_list_signatures(rms_id)

                 id           timestamp             name       email success
1  2C6464AF2A8E4C02 2013-07-20 09:32:38 Richard Stallman rms@gnu.org    TRUE
2  624DC565135EA668 2013-07-20 09:37:45                                FALSE
3  F05DDAE40371FCE5 2013-09-15 14:18:46                                FALSE
4  231696C3EAE0078A 2013-09-24 14:15:58                                FALSE
5  7B585B30807C2A87 2013-09-28 13:59:04                                FALSE
6  7CEF29847562C516 2013-09-28 19:59:53                                FALSE
7  520E0C8369B003EF 2013-08-20 03:31:55                                FALSE
8  D56E1B4C135D47A1 2013-08-29 04:36:03                                FALSE
9  31CC32CEF78F3EE4 2013-08-29 04:37:52                                FALSE
10 9439E86389D0AF41 2013-08-29 04:55:01                                FALSE
11 C5CFD08B22247CDF 2013-09-24 06:00:05                                FALSE
12 20B7283AFE254C69 2013-09-28 13:44:02                                FALSE
13 A866D7CCAE087291 2013-09-29 08:59:25                                FALSE
14 6D33FBF5B5E4C71A 2013-09-30 06:52:36                                FALSE
15 8916CADF8ACD372A 2013-10-02 04:17:17                                FALSE
16 8E549D02234CC324 2013-10-03 00:36:24                                FALSE
17 D605848ED7E69871 2013-10-04 02:03:23                                FALSE
18 758EAEC123F62336 2013-10-12 15:53:08                                FALSE
19 7B585B30807C2A87 2013-10-18 12:27:08                                FALSE
20 E4A6D8A25310523C 2013-10-22 17:53:11                                FALSE
 [ reached 'max' / getOption("max.print") -- omitted 90 rows ]

The signature only contains the key ID of the signer. You would need to download the corresponding pubkeys to actually verify these signatures.

Export a key

To export our newly created public key:

str <- gpg_export(id = mykey)
cat(str)

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBF1+c9UBCACv3GM/W2q9xgNXmvEM87226tTmGwMSwgRwjg3QfuCt0FxIImoZ
5cH2B/P8Oy+Hxs+WQpau+Xt7a3pU0etqfo++rt88EEx2ewhJSFqf6pFTFKZi4iQW
IoBKoHLzAhnmbXB1LiNXDMmQRpNaSTQdDOWiJHncPz0mReUckW3uKLSyURHI/TYc
GERg6n/jtRTe6p25ZIrRUVUwPcgX4okag/nmECOvw79GBCObNyDOhSNT5D0QsxU1
JanvUZP1o5CMWRQAFvIQk4iI2tJsuPok+lMzbjQCRqKWep0q9ytw30J0rWAKG30K
UPZ/6voG5Lpa806CGVpwr1sg2EDtQTJX5lF/ABEBAAG0F0plcnJ5IDxqZXJyeUBn
bWFpbC5jb20+iQFUBBMBCAA+FiEEYOex5rCVR1ofirBYvHnb4+0MKyIFAl1+c9UC
Gw8FCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQvHnb4+0MKyKA5AgA
lDfMo2XN13iZ0P5vl0i8Py5sC/HEphFmZ9EpDe7DetyXMxMPCI1sxJOfpP+7vE+V
V6VN19BOqEFFOXoGq6a+jnEwJ1pcwdwn3d3xaLBZo5OiCzxPezmcC99rudR+DCBo
TipPRUkaLSBrcyxjCdhpB9VI3qb2FXLhKRKvyeOijktY0OpmXbkH6ik7ugjiVJa9
c91NsxShT4xgJk3N2ZHRL7YKaEMT+oIYnDWDzam+4nnGctvhWuaF0Dn3RNU4C8c/
poXBTBKHibTEGvzzl7Cd4O1Xkkuvr2UhBefopAW7I9rhhw/Tim/GBLJI3UuTuhmo
aVQq4Wj+qNbbRpjuQkrmLA==
=v1QX
-----END PGP PUBLIC KEY BLOCK-----

If you also own the private key you can export this as well:

str <- gpg_export(id = mykey, secret = TRUE)
cat(str)

-----BEGIN PGP PRIVATE KEY BLOCK-----

lQOYBF1+c9UBCACv3GM/W2q9xgNXmvEM87226tTmGwMSwgRwjg3QfuCt0FxIImoZ
5cH2B/P8Oy+Hxs+WQpau+Xt7a3pU0etqfo++rt88EEx2ewhJSFqf6pFTFKZi4iQW
IoBKoHLzAhnmbXB1LiNXDMmQRpNaSTQdDOWiJHncPz0mReUckW3uKLSyURHI/TYc
GERg6n/jtRTe6p25ZIrRUVUwPcgX4okag/nmECOvw79GBCObNyDOhSNT5D0QsxU1
JanvUZP1o5CMWRQAFvIQk4iI2tJsuPok+lMzbjQCRqKWep0q9ytw30J0rWAKG30K
UPZ/6voG5Lpa806CGVpwr1sg2EDtQTJX5lF/ABEBAAEAB/4+yjIXc4TzmCkmVNh/
NuHEVylHtVpODr72DwpIqJyBAtWIHd2DPKEZvrIzG1C3qlkA/ep+M+6OXQwTD9Z9
sg2R2C81a15ZqUkGnVJaKa7Umplj0flve8cRniMct+HWf7m45Q3SLWskW8aN5Hg6
bRnqYBqwdFXZffg1UImPELKfvbHOfG0ADx+JmwJs89CDrX11/L1r3W5AIvvipHEJ
J9o2B5vA8l3HA4hIT1LdBLAQBcH95WwDkiPcsEQCgHBe1sZfRtm2zTYqEo2tKLCp
m1d7mE5kPWFDJ9NL0qMYz/6/ihIXcD2stJ7nK8vR+t36/msCuRBqtaz2tGnv+Rt+
Bu8hBADPwXCidtmrHBi6H8wPChcTp/uDBUZOZZLMTye4gmREGL16bd4b2MFRd+Ab
NlxGX/NCT2Ivn+fW1vUXBR/ZtxxASAjXrO8PQW7kGrvvVbOytxybumpEbHT/vxkM
45PFGPvf16a5xfFBy9l5lB0LVew+U4boSagh0R2LnC49GJ4TIQQA2LLiXx2EOlS5
7A6eoN4vkCJ8bcV6/q26XCrtX7tha3D/sQZFP+XU8tc0WY2CMjK/Jrp5RfqdFVuL
fy3rCANgjlsyKxDzQu3uo4HorFM4+7UYpQwzJw6TtDbNTKIrDPvCSZJRWPF/PvFy
hBENhEbpbPR7sDbhPgtizlgXgnQacJ8EAJBNKlNfUkEJ4HVLD4j5cS0uMnUcHDgx
dAnagJz5nRE/G1ZaKvq4/4CRpfWGMRiaGhVgBvTed26YL8GiLDzU88VEs4i0n+Ka
kSazQawU+HTGGaP2eRE9mtbLQMHWDuT8o52VAj7qQlRRHO8ovL7xVgbOZXo7v9sp
pPkdBzAfAD8ANTe0F0plcnJ5IDxqZXJyeUBnbWFpbC5jb20+iQFUBBMBCAA+FiEE
YOex5rCVR1ofirBYvHnb4+0MKyIFAl1+c9UCGw8FCQPCZwAFCwkIBwIGFQoJCAsC
BBYCAwECHgECF4AACgkQvHnb4+0MKyKA5AgAlDfMo2XN13iZ0P5vl0i8Py5sC/HE
phFmZ9EpDe7DetyXMxMPCI1sxJOfpP+7vE+VV6VN19BOqEFFOXoGq6a+jnEwJ1pc
wdwn3d3xaLBZo5OiCzxPezmcC99rudR+DCBoTipPRUkaLSBrcyxjCdhpB9VI3qb2
FXLhKRKvyeOijktY0OpmXbkH6ik7ugjiVJa9c91NsxShT4xgJk3N2ZHRL7YKaEMT
+oIYnDWDzam+4nnGctvhWuaF0Dn3RNU4C8c/poXBTBKHibTEGvzzl7Cd4O1Xkkuv
r2UhBefopAW7I9rhhw/Tim/GBLJI3UuTuhmoaVQq4Wj+qNbbRpjuQkrmLA==
=vxs5
-----END PGP PRIVATE KEY BLOCK-----

Delete a key

Delete a key from its ID or fingerprint. Let’s delete the RMS key:

gpg_delete('2C6464AF2A8E4C02')

[1] "2C6464AF2A8E4C02"

gpg_list_keys()

                id           name              email
1 BC79DBE3ED0C2B22          Jerry    jerry@gmail.com
2 51716619E084DAB9 Michael Rutter marutter@gmail.com

Digital Signatures

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. If you sign a file using your personal secret key, anyone can verify that this file has not been modified (i.e. the hash matches the one in your signature) via your public key.

GPG signatures are widely used by Linux package managers such as apt to verify the integrity of downloaded files. Typically the public key is shipped with the OS, and the private key is owned by the repository maintainers. This way we can safely install software from any mirror or network.

Sign a file

Let’s use the private key we generated earlier to sign a file:

myfile <- tempfile()
writeLines("This is a signed message", con = myfile)
sig <- gpg_sign(myfile)
writeLines(sig, "sig.gpg")
cat(sig)

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEEYOex5rCVR1ofirBYvHnb4+0MKyIFAl1+c9cACgkQvHnb4+0M
KyJN6wf/VJiE3gqUW6n9Q5H1e3Zvk0dPyTufpuwtkKsQAHfu0xONCsBS26dHayp9
tLoVx7FeGS/qn3Tf0IP6hNr5ceP19WZW6WXOMX1Ndctz6DVIe6YbOaXAWGJ5GUZ2
bUZqHNum3OWsaFWwEglI8tGnqMmxcisxKra2xEEEqdUZjn1klOkY7MC0ea5bl/5J
IrhYXGGQBEeC+XfWt4969HHPm3+s+iv8vcJ/6I7WZdQKoPY6ImrJ0vJsMJVh+yjg
2c8riC0iNvmTEGeyuDMjMYh2JcTrxmzNdGtluf05iJCn3QR+He0mv+V3bNTgbhE4
3jrHOHRkWvr/lryd8XMTTAKG2l0jwA==
=dO+c
-----END PGP SIGNATURE-----

You can also create a signed message which includes the data itself by setting mode to normal or clear, which is useful for email:

clearsig <- gpg_sign(myfile, mode = "clear")
writeLines(clearsig, "clearsig.gpg")
cat(clearsig)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is a signed message
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEYOex5rCVR1ofirBYvHnb4+0MKyIFAl1+c9cACgkQvHnb4+0M
KyKEmgf/c3YppTDX6OHlQvN7K1wcjPQWQoDSnSdzomnE/QcxJOeZdvywB5WANJws
okN1ketHDIWK2E5+7g2l4UmYYVki8qahlcxUyVNpkgQbIpfG1LLS9GHdSVqh1A/x
MrftbEDkrK1zVgkfVk0q4ZP/RM2YxtoEm9QZDRR6vxCeA11BnizGEDWmlaj/N830
kVEKyajiuPBDYbZP1efa2FvWHpvyoR9mbGOvd0LtZh8/8QWo0UCC2d2vJ1K3hjol
UlNcMdimSLCXyFSRgiWoqaUyfQTB0sWxVxuZ7OPzw3UZm0jqTBFEUrKMW7dTQ5xF
FsIMB7Vm/d480JeHbR6s5WR8FBaIEQ==
=2U3o
-----END PGP SIGNATURE-----

Verify a signature

The gpg_verify function will see if a signature is valid for any of the keys in the keyring:

gpg_verify("sig.gpg", data = myfile)

                               fingerprint           timestamp   hash pubkey success
1 60E7B1E6B095475A1F8AB058BC79DBE3ED0C2B22 2019-09-15 10:24:39 SHA256    RSA    TRUE

If the signature is in clear or normal mode, the signature file contains both the message and signature:

gpg_verify("clearsig.gpg")

                               fingerprint           timestamp   hash pubkey success
1 60E7B1E6B095475A1F8AB058BC79DBE3ED0C2B22 2019-09-15 10:24:39 SHA256    RSA    TRUE

Debian example

Let’s verify a Debian file. The Debian page on CRAN says the following:

The Debian backports archives on CRAN are signed with the key of Johannes Ranke (CRAN Debian archive) jranke@uni-bremen.de with key fingerprint 6212 B7B7 931C 4BB1 6280 BA13 06F9 0DE5 381B A480

Let’s import his key so that we can verify the Release file, which contains checksums for all files in the repository:

# take out the spaces
johannes <- "E19F5F87128899B192B1A2C2AD5F960A256A04AF"
gpg_recv(johannes)

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

If you don’t trust the CRAN homepage, you could check who has signed this key. You’d need to import the corresponding peer keys for more information.

gpg_list_signatures(johannes)

                id           timestamp           name                  email success
1 AD5F960A256A04AF 2016-11-15 16:18:06 Johannes Ranke johannes.ranke@jrwb.de    TRUE
2 2F0F4E14F649AF90 2016-11-15 16:29:16                                         FALSE
3 06F90DE5381BA480 2016-11-15 16:35:39                                         FALSE

Now lets verify the release files:

# Verify the file
library(curl)
curl_download('https://cran.r-project.org/bin/linux/debian/buster-cran35/Release', 'Release')
curl_download('https://cran.r-project.org/bin/linux/debian/buster-cran35/Release.gpg','Release.gpg')
gpg_verify('Release.gpg', 'Release')

                               fingerprint           timestamp   hash pubkey success
1 AD7B5162BA456BE3526F8D92FCAE2A0E115C3D8A 2019-07-09 00:20:34 SHA512    RSA    TRUE

Looking good! We can trust the checksums in the Release file to be legitimate.

Anonymous Encryption

GPG uses public key encryption. You can use someone’s public key to encrypt a message or document, in a way that only the owner of the corresponding private key will be able to decrypt. This is a great way to send somebody highly confidential data.

Encrypt a message

For example we want to send an email Jeroen containing top secret information that may not be snooped by our ISP or email provider. First we import Jeroen’s public key using the ID as listed e.g. here:

jeroen <- '16C019F96112961CEB4F38B76094FC5BDA955A42'
gpg_recv(jeroen)

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

writeLines("Pizza delivery is on it's way!", "secret.txt")
msg <- gpg_encrypt("secret.txt", receiver = jeroen)
writeLines(msg, "msg.gpg")
unlink("secret.txt")
cat(msg)

-----BEGIN PGP MESSAGE-----

hQEMA4BQ/mdnc2saAQgAsipkgWS9al/LxEQatY4g6VE5URE3Kz05z/LPH5OzjsyI
R2EAJ89AOsXEr7ayLHWrP0kJ2kIzXUN32b/mpHr//uubYskqF/ecWLihBcT95gXc
R3xcV/pI6o5ca74PfU+nvzXq9u5ArPNhgR1mfhT1WKy3hSi4WY9vdjSFfrA08J+B
kQMuKahJJ3cKdi17yC2aXg1Ms5A7h+L76Eb9e4PaWKadDZy0nzfDJ0729iWBfdtH
1VEKHihlI5v8KsHnef1kUj6Dr3DMSIvuMliqPXpn/BevppuPjMihumJoyiuGxMLO
29MwCMvgyHtI3jSYygauT2s5tw+4jUhpNbjUdlKoHtJaAYKFNd9P0vx1jM0BxcS1
/lSyH1cMAxWutxI/LewVqHJ8sQHhEGPJyoShtxWoja9onHUkmaZtWZQ65YUbZ/Yd
eaCzZZ/KQromGV6hCJBGvp0utMmaUBfUHzFG
=OIQi
-----END PGP MESSAGE-----

Now you can safely send this message over any channel (email, twitter, etc). Nobody in the world besides Jeroen will be able to decipher this message (not even you).

Decrypt a message

Decrypting a message is just as easy. GPG will automatically find the correct private key from your keyring, or raise an error if you don’t have it. For example we will not be able to decrypt the message we created above for Jeroen

# This will error, we do not have this private key
gpg_decrypt("msg.gpg")

Error: GPGME verify signatures and decrypt message error: No secret key

To demonstrate decryption, we encrypt a message using our own keypair (for which we own the private key).

writeLines("This is a test!", "secret.txt")
msg <- gpg_encrypt("secret.txt", receiver = mykey)
writeLines(msg, "msg.gpg")
cat(msg)

-----BEGIN PGP MESSAGE-----

hQEMA7x52+PtDCsiAQf/fLVqqXHcN79RmiAdJRFhDSkJ6XmafbDJLovk23qVi79b
npKG2zNgn2zwYMKEKNyWLQb4ldAK0Ykps3l26d7/3qHZSquNMVpt8TaMVs6d6oFC
W0uGgq2/qDW5Ev6IlnQZKgpXuSS2Sx8P+Ay+oi5hRln39ABZhB6S0W0hILskRPWN
1dV9b1+Uu81Ad2E+AnmwR5YDaevsONFj8W7mfqikOeDHAjUHBEVkI9sJoyPlFM/k
JOTd0aKdwS2Z5s24k/TJ/TCaFFzDUnvk4Wh+Axp6PvoxfoG9li2Nx8MLWwSXdFGQ
RCigMY7InPYS3ayYellmr9nLc0KSOo95JtJhRoe1g9JJAfJmob8wBR+f+JnRJYVF
O4GAXHwpHNN8acFPryN+aELXYpVzwkK9uLjUs+A4cLstajtnuOYmHTG5aoq6N2RJ
Gnd/pXLHHF5Xuw==
=JkqC
-----END PGP MESSAGE-----

Decryption is simple, given that we own the secret key for the message:

gpg_decrypt("msg.gpg")

[1] "This is a test!\n"

Authenticated Encryption

So we showed how to encrypt a message so that it can only be read by the receiver. But how does Jeroen verify the sender identity?

Sign and Encrypt

In signed encryption, also known as authenticated encryption, uses combined encryption and signing. The public key of the receiver is used to encrypt the message, and the private key of the sender to sign the message. This way the message is both confidential and the integrity of the sender can be checked and verified, only by the receiver.

msg <- gpg_encrypt("secret.txt", receiver = jeroen, signer = mykey)
writeLines(msg, "msg.gpg")
cat(msg)

-----BEGIN PGP MESSAGE-----

hQEMA4BQ/mdnc2saAQf+IPoRkzGW7oZP/QOnEFqAKrcONB9E79urhuZpKy0T9NLt
QIfLgjnbm0iSYu5sXMFast8sWEH9snTKMj9qZ3CIj1mpyx9TrGd4ZwK0xMCUeMfu
DMz2CcaqqnUhXQD2jeTiIxddK0lpBAxkHcii5trl2o7b4uAr6/57YnBwuZvVGIJQ
CaiPAI8COT7pqjXIULhfFI+MwR6nMO9d4+8RoI0F6E3hcvPXUodYS0OBUkg7prPw
I8X+AfVQk/o12ZUuclWsZZ4+BmgiRZ5aY5+FqzyFGd5x6ZiTQ2J6/b6XC3Mo9oy4
q+dlgO2Ucll66nq3fjTAZXz/sQbIJFo7CNaBVQagmdLA0QHEYBH/PPwfq2ykzfO0
4VzE/vIIGdcgGbXNmv9qLkPUXxXoLIdOe2dnQvkhenApCJZJIKPZg53K14r2fK5D
ehUnzVT9DfyPKIVaP78bDWH7Pz/ec05gsprxqIX0tjV4ooR8JgkSkkGgWKBhlvop
XeKZoLcNQ99l8tPg/dJjwPBVXAFRX+82rQvoYyPXPuFUX1s8/JWWMT/1VphP3Pvv
cIL74WkLpjLJsBUoSr8fOe5zhcDmg72RKZPpm90zQBR5LDp3ouxyVSlw7vaK8JY9
L4dz/xFvgk/HOx9CazWIIQ4hQ7Ul7NWUODklFuy7JBqK7/yxycN+QDRWuUtFct0b
kMhYrecg7zWNjINXtGQqyfgaWww08cKB/TMhNutMIJTMgt5lDAUCg5Mbd16OjY7g
jafHDIOaqHDsC4wA6SmXdhjXqb1GyFUftokLhli1nQwX25/0ePmNoCbZ6UjdTfYc
Zsy4PCXjevLckkCMaYp3B50Jmen3U4LeNJCPo+AAsHFIEQKRGTTQEeA4nwddb4at
3XpJ
=szY3
-----END PGP MESSAGE-----

Decrypt and Verify

If the encrypted message contains a signature, it will automatically be verified when the message is decrypted. The function raises an error otherwise.

For purpose of illustrating authenticated decryption, we encrypt and sign using our own key (which usually does not make sense):

msg <- gpg_encrypt("secret.txt", receiver = mykey, signer = mykey)
writeLines(msg, "msg.gpg")
gpg_decrypt("msg.gpg")

[1] "This is a test!\n"
attr(,"signer")
[1] "60E7B1E6B095475A1F8AB058BC79DBE3ED0C2B22"

The signer fingerprint (if any) will be added as an attribute to the decrypted message.