Encryption and Digital Signatures using GPG

DISCLAIMER: Author is not an expert in cryptography (he is not an expert in anything really). Use this stuff at your own risk. If you find bugs or inaccuracies, please create an issue or PR on the github repository.

GPG basics

The GNU Privacy Guard, also known as GnuPG or simply GPG, is a popular open source OpenPGP (RFC4880) implementation. The system is widely trusted for securing integrity and confidentiality of internet communications through various cryptographic methods. GPG is used in Debian and Redhat to verify downloads from package managers (apt, yum) and people like Edward Snowden and Glenn Greenwald use it to encrypt confidential emails.

Public key crypto

Like most modern crypto systems, GPG makes use of public key methods. You can easily generate a personal keypair which consists of a private key and corresponding public key.

Your private key is to be kept secret and needed to sign or decrypt messages. The corresponding public key should be made available to anyone that needs to verify your signature, or encrypt messages which can only be decrypted by you.

Once we have someones public key, we can send them secure messages and verify their signatures. However how do we find and authenticate the public key of a person or server if we have talked to them before?

Web of trust

The complexity in public key systems derives from authenticating public keys. If we can not trust our communication channel to be safe, we can only be sure that a public key belongs to given person is it has been signed by someone that we do trust.

The major difference between GPG and PKI systems (such as HTTPS) is how we authenticate public keys. HTTPS is based on a system with Certificate Authorities (CA). Anyone can create a keypair for any domain/personal name, however we only trust public keys which have been signed by an official CA. This CA is typically a commercial vendor which verifies your identity (e.g. via a copy of your passport) and then uses their own keypair to sign a certificate containing your public key and your personal name / email / domain.

GPG uses a different system which does not distinguish between peers and authorities. In GPG, anyone can sign another persons key. The GPG user determines which peers they choose to trust in their personal keyring. For new peers, the GPG software helps you figure out which of your current peers has verified the identity of the new peer, perhaps indirectly via a third or fourth peer, and so on: a “web of trust”.

The easiest way to exchange public keys and key signatures is via a keyserver. GPG is compatible with existing PGP key servers. These servers mirror each other so most keys are available on either one. This package automatically retrieves keys and signatures via the gpg_recv function.

• https://pgp.mit.edu
• https://keyserver.ubuntu.com

GPG keyservers do not need HTTPS. One should only trust GPG keys on basis of GPG signatures, regardless of how they were obtained. For this reason it is also valid to share GPG public keys via e.g. a website or email.

Your keyring

It is important to know which version of GPG you are running and where your home dir is. Your home directory contains your configuration and the keyrings. GPG defaults to your system keyring, which is the same as the gpg command line utility and system package manager use.

str(gpg_info())

List of 5
 $ gpgconf: chr "/usr/local/bin/gpgconf"
 $ gpg    : chr "/usr/local/Cellar/gnupg2/2.0.30_2/bin/gpg2"
 $ version:Class 'numeric_version'  hidden list of 1
  ..$ : int [1:3] 2 0 30
 $ home   : chr "/Users/jeroen/.gnupg"
 $ gpgme  :Class 'numeric_version'  hidden list of 1
  ..$ : int [1:3] 1 7 0

Use gpg_restart to switch to another home directory, e.g. for a client which uses its own configuration and keyrings. For this example we store keys in a temporary directory.

gpg_restart(home = tempdir())

gpg (GnuPG) 2.0.30
libgcrypt 1.7.3
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA, RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Use gpg_list_keys() to see the current contents of your keyring. It is empty to start with:

gpg_list_keys()

[1] id    name  email
<0 rows> (or 0-length row.names)

Generate keys

Use gpg_keygen() to generate a new public private keypair:

(mykey <- gpg_keygen(name = "Jerry", email = "jerry@gmail.com"))

[1] "07A3C27F30202603"

gpg_list_keys()

                id  name           email
1 07A3C27F30202603 Jerry jerry@gmail.com

Import from keyserver

Use the gpg_recv function to download a given key and all available signatures for this key from a keyserver. For example let’s import the public key from Michael Rutter which is used to sign the Ubuntu r-base packages from CRAN:

gpg_recv(id ="E084DAB9")

Searching: https://pgp.mit.edu

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

(keyring <- gpg_list_keys())

                id           name              email
1 07A3C27F30202603          Jerry    jerry@gmail.com
2 51716619E084DAB9 Michael Rutter marutter@gmail.com

Note that for imported keys, we do not have the private key:

(secring <- gpg_list_keys(secret = TRUE))

                id  name           email
1 07A3C27F30202603 Jerry jerry@gmail.com

Import from file

The gpg_import function reads an armored GPG key from a file or URL:

gpg_import("https://stallman.org/rms-pubkey.txt")

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

However this file does not contain any signatures for this key. If we import it from a keyserver we also get the signatures:

(rms_id <- gpg_list_keys("rms")$id)

[1] "2C6464AF2A8E4C02"

gpg_recv(rms_id)

Searching: https://pgp.mit.edu

     found   imported    secrets signatures    revoked 
         1          0          0        106          0 

gpg_list_signatures(rms_id)

                  id           timestamp             name       email success
1   2C6464AF2A8E4C02 2013-07-20 18:32:38 Richard Stallman rms@gnu.org    TRUE
2   624DC565135EA668 2013-07-20 18:37:45                                FALSE
3   F05DDAE40371FCE5 2013-09-15 23:18:46                                FALSE
4   231696C3EAE0078A 2013-09-24 23:15:58                                FALSE
5   7B585B30807C2A87 2013-09-28 22:59:04                                FALSE
6   7CEF29847562C516 2013-09-29 04:59:53                                FALSE
7   9C19DB3C039ACDF0 2014-01-07 01:15:13                                FALSE
8   1777288D64D0EEB6 2014-03-12 09:17:31                                FALSE
9   B30B28D729AEFC28 2014-04-26 05:08:37                                FALSE
10  37908B4CF343E5FC 2014-11-01 18:39:25                                FALSE
11  1EB69819D7877A20 2015-11-02 07:07:28                                FALSE
12  31CC32CEF78F3EE4 2013-08-29 13:37:52                                FALSE
13  8E549D02234CC324 2013-10-03 09:36:24                                FALSE
14  22EEE0488086060F 2014-10-30 22:58:00                                FALSE
15  72B93490AFB5BB0D 2014-07-22 05:25:48                                FALSE
16  520E0C8369B003EF 2013-08-20 12:31:55                                FALSE
17  8916CADF8ACD372A 2013-10-02 13:17:17                                FALSE
18  C4D748C31C0E017F 2013-11-02 14:13:29                                FALSE
19  22A73C6B32388E27 2014-03-26 15:24:53                                FALSE
20  7468A7AAC0B08E7F 2014-06-02 12:23:32                                FALSE
 [ reached getOption("max.print") -- omitted 90 rows ]

The signature only contains the key ID of the signer. You would need to download the corresponding pubkeys to actually verify these signatures.

Export a key

To export our newly created public key:

str <- gpg_export(id = mykey)
cat(str)

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mQENBFgV0nUBCAD1i3cjCDKW/qFGS8eKRDHdLrpRdxx37raj/SkKTsgbkn2jIO1o
lGsdXdLBuIRv7z6t1VkxXL3ceiaOD+eE5WJe5GR/GIXoRmMlR2AjKGpfXhcZ3Quh
auFwTWbUNJqHSvU500g8G3W5bd+UDgtTKJgR42V469qLdFyAN6E9TLcQyUJEMqar
2RM1ADTxda5A8vGFL+JQO1jwzBrkNPmaF4SfH6oDqq7PYPehZ4OuK/9Y9xkzh+KP
nNeJGfUGytAyC+M6ziG+8iOOzcg6Gmxk8bnJwHEPytnmVopRBBja/64pXDhFHSmS
/R6K3zuUbst0lCvZvCAzRFWuSstE4EHjRsxvABEBAAG0F0plcnJ5IDxqZXJyeUBn
bWFpbC5jb20+iQE5BBMBCAAjBQJYFdJ1AhsvBwsJCAcDAgEGFQgCCQoLBBYCAwEC
HgECF4AACgkQB6PCfzAgJgNtHQgAkeQdnF+9rptCzN/mf0AZKAY4qgNarkQ+oCpf
jVwSa2gjUP6KHHp5VmYBlu987FJA10JFnF00jwI0U+IvjTOmOy0bHHj0wZ7pKKAM
2BPs+3+3upxT627gYjlGuVcUaQRyzalFpbux0o1MvDygaeaMgxVMCC/xiClYlc5k
B+GsUcMmCaQZ2QK+6JorOsTAYpUv/EqWag4y2GZGCIdyLuXLl6QEhWGWDfASPQC/
z2moUhdpMSmodPg+tFE8YVQ4/VGglr7Yt2FuzpY3udFNHJqqGl2JMBCVgSic9qmw
KNqSj77Ojvze1npWIaVHctwYaAv0+/CNZXOnQVWYvLDDDZVC+g==
=+R1p
-----END PGP PUBLIC KEY BLOCK-----

If you also own the private key you can export this as well:

str <- gpg_export(id = mykey, secret = TRUE)
cat(str)

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v2

lQOYBFgV0nUBCAD1i3cjCDKW/qFGS8eKRDHdLrpRdxx37raj/SkKTsgbkn2jIO1o
lGsdXdLBuIRv7z6t1VkxXL3ceiaOD+eE5WJe5GR/GIXoRmMlR2AjKGpfXhcZ3Quh
auFwTWbUNJqHSvU500g8G3W5bd+UDgtTKJgR42V469qLdFyAN6E9TLcQyUJEMqar
2RM1ADTxda5A8vGFL+JQO1jwzBrkNPmaF4SfH6oDqq7PYPehZ4OuK/9Y9xkzh+KP
nNeJGfUGytAyC+M6ziG+8iOOzcg6Gmxk8bnJwHEPytnmVopRBBja/64pXDhFHSmS
/R6K3zuUbst0lCvZvCAzRFWuSstE4EHjRsxvABEBAAEAB/wLcETLh/07VX9T1AHm
qgicoimh0+eqmp89gnSf+02NI0ThDY6huZBH3PANgDgDMuT7mh2+k/BwTexv38PM
SBdODlu0JANQ7758pReQa7iQ2sQ+uzJogZ8g6SoqJo0wUkicOgB6dFkGm1y3+/OB
GzoCU1KN0Ibsyi3o9y52uZUpne8xN870cg49L+s3ndy+Mw7m8umfuM+KO7gpSCII
vAZR8jd1kvsG8VaX+4moitnyygvdGKlvFSj70KTXS7b1GcbYgETNCGoV1sRi6Nqv
U2N0URstMYA64fJOGSVXW/jdg9wZASp4q3KQWh8iP6VGe4H+XI76f0bNcPkouLQC
7vEpBAD5LzA6Hr0Lhv0Z0WP0q0/tMYfeHC8jKiqSX33KzaGATb7rDV8tPMkg5sVv
OZGNNAqVyUjVhKrc9fJEXaY4122IeDzWRqUeiD+omTktgkpqO6WCHZJ45eALPeJl
CCiqTBPOSQHmtXaQ2O1UHoECbsw1XBOsSrtzI7AS9lVTJrXa5QQA/ELK5khvEeOq
BXJSQsLZgxw+5uLCOw4NFQ3fZ77Jx8d69SXizvly5iGCKZRXJ8w1fl83thwVxyz4
gqGMttBedr5IERVr3gNhlEspukzjSIlHVWNdEhChqhZHu/+spqn9EEZLGcqqbCvO
5asxfmI0Qni/kUB5WOFTerODEqfb0MMD/RH4YbQVjo4BtnmcJe2k6Gs+F0QgCq/1
78FmzTR4HydZI6hvN89ubIrI57OK7BM46rHPvpfgBa0ETKsXVc7MAY+YxOI27dZ0
WrrfKgCFsVN9ajOLjBeOy7R6q4qhXvQH8BIQKfwI5baSlV3aDdUwVumE2kiXg0Jc
DqA2Mh5afVrJO++0F0plcnJ5IDxqZXJyeUBnbWFpbC5jb20+iQE5BBMBCAAjBQJY
FdJ1AhsvBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQB6PCfzAgJgNtHQgA
keQdnF+9rptCzN/mf0AZKAY4qgNarkQ+oCpfjVwSa2gjUP6KHHp5VmYBlu987FJA
10JFnF00jwI0U+IvjTOmOy0bHHj0wZ7pKKAM2BPs+3+3upxT627gYjlGuVcUaQRy
zalFpbux0o1MvDygaeaMgxVMCC/xiClYlc5kB+GsUcMmCaQZ2QK+6JorOsTAYpUv
/EqWag4y2GZGCIdyLuXLl6QEhWGWDfASPQC/z2moUhdpMSmodPg+tFE8YVQ4/VGg
lr7Yt2FuzpY3udFNHJqqGl2JMBCVgSic9qmwKNqSj77Ojvze1npWIaVHctwYaAv0
+/CNZXOnQVWYvLDDDZVC+g==
=t59U
-----END PGP PRIVATE KEY BLOCK-----

Delete a key

Delete a key from its ID or fingerprint. Let’s delete the RMS key:

gpg_delete('2C6464AF2A8E4C02')

[1] "2C6464AF2A8E4C02"

gpg_list_keys()

                id           name              email
1 07A3C27F30202603          Jerry    jerry@gmail.com
2 51716619E084DAB9 Michael Rutter marutter@gmail.com

Digital Signatures

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. If you sign a file using your personal secret key, anyone can verify that this file has not been modified (i.e. the hash matches the one in your signture) via your public key.

GPG signatures are widely used by Linux package managers such as apt to verify the integrity of downloaded files. Typically the public key is shipped with the OS, and the private key is owned by the repository maintainers. This way we can safely install software from any mirror or network.

Sign a file

Let’s use the private key we generated earlier to sign a file:

myfile <- tempfile()
writeLines("This is a signed message", con = myfile)
sig <- gpg_sign(myfile)
writeLines(sig, "sig.gpg")
cat(sig)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAABCAAGBQJYFdJ4AAoJEAejwn8wICYDSOMH/3nO4XdGLZ5LRqqvB3QyiMx1
LjALHwMRkwP7S4ZY8sqYXESZGhZCLOeMHwFbtQTssjwyS8C88o3mufbu99Ka7qS/
O4DOPHKE4ld+Tad760IGQy0dxsN6kZfYPFIY48AHBtP9idQxwVsrJapFasM75ueL
Cs9kuXKQWP92VGPgBa08RwQCAB5m2feyORk4cqV19utPdDcvDdrZk4RTWYqODxH+
xHJqq5XQNWv/i87wTGZJ2GUxTR3s6JWlaj0Z84HcxzF9lrRI/B+wqn08VEhHQq2q
f6uYX+30+oQBfCKGMFGE5xSHwPbDHqgCnHlK46pg5s4eNb+DqGLSxjkbFBrqAHc=
=SHtU
-----END PGP SIGNATURE-----

You can also create a signed message which includes the data itself by setting mode to normal or clear, which is useful for email:

clearsig <- gpg_sign(myfile, mode = "clear")
writeLines(clearsig, "clearsig.gpg")
cat(clearsig)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is a signed message
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJYFdJ4AAoJEAejwn8wICYDw/QIAL2Cwk7kdOquYdnK5YSllRuz
ytQU75/ZyT0pMg0N0o+IjmFljAGnrSg2Xyydik8ph8GzY9aZqjB8Cgj0bWIEr/Vv
CxN04yoBgYqihM/jOjBsWRJ02jJjF8MHVAZafx8G6bB99B0aou2j/HuGPMwcLHGh
HI2HliboqkkkorKnb3aw7X/z5FIoBWdDfjRp1UPPn0nxKUyA9+IvPdYxyiFIuf3z
NuVyJjm0Ph7v5mFqIEmDSf0M8YfRAeu9PM0/kTbYP9FTDB3G1R2g168WjmFtq0M4
oFfh/p9CgI0Bz/+iUmR5ruxFAlAr/e9ZkKeHVbrWW4oevHOK1tLRB+tzUljVYDo=
=q1xC
-----END PGP SIGNATURE-----

Verify a signature

The gpg_verify function will see if a signature is valid for any of the keys in the keyring:

gpg_verify("sig.gpg", data = myfile)

                               fingerprint           timestamp   hash pubkey success
1 96FBFD45FE2614F89E3C91D107A3C27F30202603 2016-10-30 11:59:04 SHA256    RSA    TRUE

If the signature is in clear or normal mode, the signature file contains both the message and signature:

gpg_verify("clearsig.gpg")

                               fingerprint           timestamp   hash pubkey success
1 96FBFD45FE2614F89E3C91D107A3C27F30202603 2016-10-30 11:59:04 SHA256    RSA    TRUE

Debian example

Let’s verify a Debian file. The Debian page on CRAN says the following:

The Debian backports archives on CRAN are signed with the key of Johannes Ranke (CRAN Debian archive) jranke@uni-bremen.de with key fingerprint 6212 B7B7 931C 4BB1 6280 BA13 06F9 0DE5 381B A480

Let’s import his key so that we can verify the Release file, which contains checksums for all files in the repository:

# take out the spaces
johannes <- "6212B7B7931C4BB16280BA1306F90DE5381BA480"
gpg_recv(johannes)

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

If you don’t trust the CRAN homepage, you could check who has signed this key. You’d need to import the corresponding peer keys for more information.

gpg_list_signatures(johannes)

                id           timestamp           name                email success
1 2F0F4E14F649AF90 2007-02-15 12:06:05                                       FALSE
2 EF7CDA710BAEFEE5 2010-02-24 18:55:22                                       FALSE
3 06F90DE5381BA480 2007-02-15 09:13:25 Johannes Ranke jranke@uni-bremen.de    TRUE

Now lets verify the release files:

# Verify the file
library(curl)
curl_download('https://cran.r-project.org/bin/linux/debian/jessie-cran3/Release', 'Release')
curl_download('https://cran.r-project.org/bin/linux/debian/jessie-cran3/Release.gpg', 'Release.gpg')
gpg_verify('Release.gpg', 'Release')

                               fingerprint           timestamp hash pubkey success
1 6212B7B7931C4BB16280BA1306F90DE5381BA480 2016-06-22 09:26:03 SHA1    DSA    TRUE

Looking good! We can trust the checksums in the Release file to be legitimate.

Anonymous Encryption

GPG uses public key encryption. You can use someone’s public key to encrypt a message or document, in a way that only the owner of the corresponding private key will be able to decrypt. This is a great way to send somebody highly confidential data.

Encrypt a message

For example we want to send an email Glenn Greenwald containing top secret information that may not be snooped by our ISP or government. His homepage at the intercept shows his GPG key in long form.

glenn <- '734A3680A438DD45AF6F5B99A4A928C769CD6E44'
gpg_recv(glenn)

     found   imported    secrets signatures    revoked 
         1          1          0          0          0 

writeLines("TTIP is super evil!", "secret.txt")
msg <- gpg_encrypt("secret.txt", receiver = glenn)
writeLines(msg, "msg.gpg")
unlink("secret.txt")
cat(msg)

-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

hQIMAzCzOshC83uFAQ/9ESyApOMu5NU2DEqn2pTW39qQo4YUNuSVBOzq/3rIOZJF
fJ1VW4b/1uGXaYtyMW23sirMhidOZBbzjGI2mcdgyO9evaZ9zL2n3eKWsCvnhNlM
nPYhRByiHC9fjFnkDrku/ENseaYJKftcJ+2IfExSI3f4hTq/ZKHTEVPi37XjjYcq
tzPAIzJRDsnU9BRSXkY6nEYX5k8wWeEgLUrGEBlmIaC8UEYltLUaCIhOje+1Nfxl
PyMKltr7ZdUsysGPDC+NWDpVDgAOs13Dr30BVFxFRBtQUqZu1PpnjbzsfUDW/KQo
mBouTSPEQ0wE0YMovES3pCZCO+m0R0kyxp7GAfDoMgFjPvixrk4l7rLOJaKRH7uD
FmBhRhOnw2jHZooy9GNg8yXA77ANNr+vCnrY/9G7uA2rhHqdvtZ0td80HoNwxBq+
p4D2epqVYRLPXwinRgm28+6t3exjpiHIb3wUUqgDyyf9qM3ouqK2pBh5ZxC9Lp5b
/H00jSojGX3Y1HWwgRZiyfzlD0FNzHjiIRfiM+9kJR1QO/UCP/BXcJdd4koeahrT
fqkwQuyBbpnlKP6rN5K4MTxWbDvynidQiJXul9eTi1M3QlB5n61lxShdRw3TWwk7
X8U1dk8+hzFF8TY9EW5CAlYguOrhmyLXrV+ivDiMn+PquJc6F7AQCOz7jFWA2fTS
TwGQOaMKi74zsQ0/fIV7PBFuWXCxDnhYOl7Rof5ZnbLV9iNwlyM8XtarA/Spfp4v
wZaKTrQqUHu+7XcRqteUZiG0g7f+s7SDUxrB3pe7t8g=
=/cSP
-----END PGP MESSAGE-----

You can safely send this message over any channel (email, twitter, etc). Nobody in the world (not even ourselves) will be able to decipher this message, except for Glenn Greenwald.

Decrypt a message

Decrypting a message is even easier, you don’t have to specify a key. GPG will automatically pick the correct private key from your keyring, and error if you don’t have it. For example we will not be able to decrypt the message we created above for Glenn Greenwald.

# This will error, we do not have this private key
gpg_decrypt("msg.gpg")

Error: GPGME verify signatures and decrypt message error: Decryption failed

To demonstrate decryption, we encrypt a message using our own keypair (for which we own the private key).

writeLines("This is a test!", "secret.txt")
msg <- gpg_encrypt("secret.txt", receiver = mykey)
writeLines(msg, "msg.gpg")
cat(msg)

-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

hQEMAwejwn8wICYDAQgAvcqXBDnRv0m6J2yvMDTDNIZcSIolKKRHlsaFEEMtkOkx
W1PclCTo0WZsLkYQ38kRUhDbfZ/16MvU22GMKEY/59y7xCm/0MSyciy57p30kn/q
GzX6kY0BtNMXamlUkZrVbiE1/LkuAAKiYsXvsxPD4ATPQ99W07vW2mBFbSs7b+Ix
TkAUtNiHnTdf1Krpo5yqUi3agwQZEMww6OvOhMb6pU3RJ4P0t6NkFb2PdWEQgjHO
mh9pDHjshwcRaMUk6OYY4K7g56enalaJnqwlD/ONljY68PqmTM5mR3Wv0Wyaw9AU
YdB+h8eGEFavLStIIOAwTs2I9EhQOdybFh44lyHN89JJAUITB4ndgqn/WrX+GeJY
fqseILCRCehcjo5DOUULi5V8vt1mp6CUvGHhBXsBow6HusfvFtOs9TcSATMxr2jE
ZQGAFT7vT/CvPg==
=XAQN
-----END PGP MESSAGE-----

Decryption is simple, given that we own the secret key for the message:

gpg_decrypt("msg.gpg")

[1] "This is a test!\n"

Authenticated Encryption

So we showed how to encrypt a message so that it can only be read by the receiver. But how does Glenn Greenwald verify the sender of this information? Perhaps someone is trying to leak fake documents?

Sign and Encrypt

In signed encryption, also known as authenticated encryption, uses combined encryption and signing. The public key of the receiver is used to encrypt the message, and the private key of the sender to sign the message. This way the message is both confidential and the integrity of the sender can be checked and verified, only by the receiver.

msg <- gpg_encrypt("secret.txt", receiver = glenn, signer = mykey)
writeLines(msg, "msg.gpg")
cat(msg)

-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

hQIMAzCzOshC83uFAQ/+PXcuhQ40SRksA9acHTWPW/1wkUwz1jPQGg+PqFsXKhsL
NrLJnsdYwtteps/ftmK0JEhfNNrhNEAmN8yxpBgQAqGmWnJnrtUYpz8Of1Bc9Vbw
IXMRWXmt3kGrfzna+iPw+L6jp8TG3TG3BBt+7bXXe1hlIw8JjEeKFIXybyrigJDe
ElBiUV2xuw7Fq0oqDgsczIacr+s8myWYh9vhSI25baadCLPn6QPDi77dlFGtbtxw
rgeH0gnDsK0vBcOGNdzffyJPALHl/rBGF8ynq3asZYL8RoSLwDZmC/qtknmDzVEP
klyn7ddAmgcRO541wlJizVPWMftPEwNfix7UJx7wEwrgLGe0MusoVgrPeQjWeutB
ILJK32v3Kbea4P9P5IAS9i88abNE/NaQ7DRpxSK+Vbcfv+oQ3QbaQmjRU8g0H2yF
TLbYQEUT3oVf/Rw2Y3BuJbhoHJ1wao6/KjS2fCiFneLl3rqxlJIGUoWf2uoKLNc2
aAtNPEsJb+uox7VfgEYh22XcknaiK2O10J6NmL8ks6S7cmBGIqDNlFX7Dx0bgwFp
IfhRvwb6sMnY85ps7qfYnrW0WFhu8cEQVrhdcMHoOZ7lANmxuGKMAQw5FRy87VmA
XZl33Fd582mw3x7gWdUoMMxyq1ubzX5dkvKO2g09VqSTKo/8Fy8Fg+jnzVF/udvS
wLwBPOETcy6C0cRh51RxD3ejoZWTOCU5u6Mzovu9qC7yNpWRkFb/m5rtz4e9VFO8
hsE2c9+F0XWhHDjFvI5djeHr5JZIRZn30XVhuoGFEVcu0mxTi7rhBwKrAzPTkKYi
+xUldgQ4Befkxou+4e5k+M7sscpcM/zJXXek25b6zuHauLDaTePu88OQqR3OnlNP
hwrRH0M3cF/O7jfvrhNm5MMTUNIi7c68k9/a7vMUqLCOCAe3B0JoQzrFOQEXBrCM
NImQLj/YEHxq0O47TnM8O9E7pZW8rj676EpmDI3ziKNhLwmF6HVtTbocewmO5UqI
poT+3Qtyuac4wbU8IRPgOxc3GdxNPMTrk+8PrHmkyfuwLUqfAwLOSWI2ZvoBJUyw
nLUOcp5NOg2Kxq5xN/d+GPFjeYMdqJwvGUYvZZRFCX7vHkt9GvJsr3vGuc1xntxd
lt9cHM9gRp7igousWWS745apYN0AiD45v5ufFqZDr3WFod3MG8k9cSNbzwn/fg==
=XvJU
-----END PGP MESSAGE-----

Decrypt and Verify

If the encrypted message contains a signature, it will automatically be verified when the message is decrypted. The function raises an error otherwise.

For purpose of illustrating authenticated decryption, we encrypt and sign using our own key (which usually does not make sense):

msg <- gpg_encrypt("secret.txt", receiver = mykey, signer = mykey)
writeLines(msg, "msg.gpg")
gpg_decrypt("msg.gpg")

[1] "This is a test!\n"
attr(,"signer")
[1] "96FBFD45FE2614F89E3C91D107A3C27F30202603"

The signer fingerprint (if any) will be added as an attribute to the decrypted message.