PowerShell

Encrypting and decrypting PGP using PowerShell

Some time ago, I decided that having an easy-to-use PGP PowerShell module is a way to kill my boredom. Four months have passed, and I decided to share it with the world, as it may be helpful to some of you.  Today I would like to introduce you to PSPGP – PowerShell module that provides PGP functionality in PowerShell.

PSPGP - Commands available

PSPGP is a fairly small PowerShell module that has only four commands at the moment of writing. Those are:

New-PGPKey – cmdlet to create public/private PGP keys
Protect-PGP – cmdlet to encrypt folder/files
Unprotect-PGP – decrypt PGP encrypted folder/file
Test-PGP – verify signed PGP file

While the module itself is tiny – that's what makes it very powerful and easy to use.

PSPGP - Create Private/Public PGP keys

PGP works based on public and private keys. Those can be generated using the New-PGPKey command, as shown below

New-PGPKey -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -FilePathPrivate $PSScriptRoot\Keys\PrivatePGP.asc -UserName 'przemyslaw.klys' -Password 'ZielonaMila9!'
PSPGP - Encrypt files & folders with PGP

Once you have private and public keys generated, you're ready to encrypt the folder using someone's public key and send it over.

Protect-PGP -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -FolderPath $PSScriptRoot\Test -OutputFolderPath $PSScriptRoot\Encoded
PSPGP - Decrypt PGP files

Similarly, if someone sends you content encrypted with a public key, you can now decrypt it with your own private key and password.

Unprotect-PGP -FilePathPrivate $PSScriptRoot\Keys\PrivatePGP.asc -Password 'ZielonaMila9!' -FolderPath $PSScriptRoot\Encoded -OutputFolderPath $PSScriptRoot\Decoded

Of course, PGP also supports a way to encrypt/decrypt strings.

$ProtectedString = Protect-PGP -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -String "This is string to encrypt"
Unprotect-PGP -FilePathPrivate $PSScriptRoot\Keys\PrivatePGP.asc -Password 'ZielonaMila9!' -String $ProtectedString

PSPGP - Verify signature of PGP files

Finally, one can always verify signature by using Test-PGP command

$ProtectedString = Protect-PGP -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -String "This is string to encrypt"
Test-PGP -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -String $ProtectedString
Test-PGP -FilePathPublic $PSScriptRoot\Keys\PublicPGP.asc -FolderPath $PSScriptRoot\Encoded

PSPGP - Installing PGP PowerShell Module

To run it, just install it from PowerShellGallery, and you're good. If you are not an administrator, you can use this module within the scope of the current user.

Install-Module PSPGP -Force -Scope CurrentUser

If, however, you would like to make sure the module is available machine-wide, you can do this without providing scope.

Install-Module PSPGP -Force

All source codes are available on GitHub. If you have an issue, feature request, problem, please use GitHub as a way to reach for support. As I have limited time, reaching out via email doesn't bring many results. As with many of my other PowerShell modules, it's always a work in progress, and not everything is 100% finished. Please keep in mind this module works cross-platform on Windows/Linux and macOS. For PowerShell 5.1, it requires .NET Framework 4.7.2 at a minimum to work.

Przemyslaw Klys

System Architect with over 14 years of experience in the IT field. Skilled, among others, in Active Directory, Microsoft Exchange and Office 365. Profoundly interested in PowerShell. Software geek.

Share
Published by
Przemyslaw Klys

Recent Posts

Upgrade Azure Active Directory Connect fails with unexpected error

Today, I made the decision to upgrade my test environment and update the version of…

2 months ago

Mastering Active Directory Hygiene: Automating Stale Computer Cleanup with CleanupMonster

Have you ever looked at your Active Directory and wondered, "Why do I still have…

3 months ago

Active Directory Replication Summary to your Email or Microsoft Teams

Active Directory replication is a critical process that ensures the consistent and up-to-date state of…

7 months ago

Syncing Global Address List (GAL) to personal contacts and between Office 365 tenants with PowerShell

Hey there! Today, I wanted to introduce you to one of the small but excellent…

12 months ago

Active Directory Health Check using Microsoft Entra Connect Health Service

Active Directory (AD) is crucial in managing identities and resources within an organization. Ensuring its…

1 year ago

Seamless HTML Report Creation: Harness the Power of Markdown with PSWriteHTML PowerShell Module

In today's digital age, the ability to create compelling and informative HTML reports and documents…

1 year ago