HOW TO DECRYPT DATA

The script "decrypt_data.pl" allows you to decrypt data encrypted with a PGP (Pretty Good Privacy) or GnuPG. Before to use this script you may need to know several things:

What do you need to decrypt the data?

The perl script "decrypt_data.pl" allows you to decrypt data encrypted with PGP or GnuPG program.

To use "decrypt_data.pl" you should have installed:

  • PERL, available from: http://www.perl.com/download.csp (Follow the instruction to download and install the software)

  • PGP or GPG

    • For Linux or SunOS machine: version 6.5.8 of PGP or higher, available from The International PGP Home Page. (Follow the instruction to download and install the software)

    • For Linux machine: version 1.0.7 of GPG or higher, available from The GPG Home Page.

    • For Macintosh machine: version 1.2.4 of GnuPG (GPG) or higher, available from Mac GNU Privacy Guard.

    • NOTE: There is a known issue with GPG version 1.2.6 where you must manually create the ~/.gnupg directory for encryption to work.

  • You need to know the PASSWORD of the encrypted files.

How to test

  • The platform you are using: The following command print your operating system

    > uname -a

  • If you have PGP or GPG installed: The following command shows if you have pgp or gpg installed

    > which pgp (or > which gpg )

  • The PGP or GPG version: The following command shows the version of PGP or GPG installed

    > pgp -h (or > gpg --version )

How to use "decrypt_data.pl"

  • Download "decrypt_data.pl" in any directory you want. It is not needed to have the script with the data to be decrypted in the same directory.

  • You may need to modify the first line of the script to point to perl directory. To know where perl is installed type in the command line:

    > which perl

  • Edit "decrypt_data.pl" and change the first line according to what you obtained in the last step.

  • Create an executable file: Type in the command line:

    > chmod +x decrypt_data.pl

  • To decrypt data included in a tree of directories and subdirectories, type in the command line:

    > decrypt_data.pl -d directory

    Using GPG 1.2.6

    Enter the password:

    and enter the password or decrypting key at the prompt.

    If this does not work it is because you do not have decrypt_data.pl in your path. You may change your path in your .cshrc or type in the command line:

    > ./decrypt_data.pl -d directory

    If the directory is not specified on the command line the script will prompt for the directory. There is the possibility to run the script to decrypt files in directories and its subdirectories or single file. To decrypt a single file it is sufficient to specify the filename on the command line.

    > ./decrypt_data.pl filename

    The script allows for the specification of the password on the command line using the option -p. The password must be surrounded by single quotes in all shell enviroments. Also, if you are using csh or tcsh you should be aware that if the decrypting password contains the special characters ! or ~ (i.e. exclamation point or tilde) they must be preceded by a backslash (\). The sh, ksh, and bash shells do not require this backslash. For example, assume that your decrypting key is ffg&$!6]~r if specified on the csh or tcsh command line, this should be given as

    > decrypt_data.pl -p 'ffg&$\!6]\~r'

    Single quotes in the password key are also a problem on the csh or tcsh command line. If the key contains a single quote the key has to be separated to include the single quote in double quotes. For example, assume that the key is fa'ka&fr7%" to pass this key on the command line here is the syntax to use 'fa'"'"'ka&fr7%"' on the command line

    > decrypt_data.pl -p 'fa'"'"'ka&fr7%"'

    The script will check if you have PGP or GPG installed in your machine. If you have both installed, by default it will match the software type with the file extension, e.g. if the file extension is .pgp will use PGP. You have an option to force to use GPG or PGP (see below). If you have PGP or GPG installed the script will decrypt the data and save the decrypted and the encrypted files in the same structure of directories and subdirectories.

  • To force the use of GPG, type in the command line:

    > decrypt_data.pl -d directory -g

  • To force the use of PGP, type in the command line:

    > decrypt_data.pl -d directory -f

  • You also have the option of deleting the encrypted files. To do so, type in the command line:

    > decrypt_data.pl -d directory -r

  • For a description of the script and all command options, type in the command line:

    > decrypt_data.pl -h

  • To see the version of the script, type in the command line:

    > decrypt_data.pl -v

If you are running the script on the Mac, you may see the following WARNING message:
WARNING: message was not integrity protected
This is not important and the data are correctly decrypted.

Do you want to know more about PGP and GnuPG?

PGP (short for Pretty Good Privacy) is a popular key encryption package originally written by Phil Zimmermann in 1991. It is used to protect the privacy of the data. GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions.You can go to PGP Histoty to read more about the PGP history. To read more about GnuPG go to: http://www.gnupg.org/


HEASARC Home | Observatories | Archive | Calibration | Software | Tools | Students/Teachers/Public

Last modified: Thursday, 19-Oct-2006 11:52:30 EDT