Encrypting outgoing files with sensitive data

The PGP encryption for outgoing files functionality is included in the 2022.01 release. The PGP encryption is supported when the XMDBToolBkg.DOWNLOAD_DATA_PROC or download_data process is triggered.

For encrypting the outgoing files, you must perform these tasks:

  1. Upload the PGP public key with the upload_key.bat -keyfile <public.key> -keytype pub -recipient <recipient> command. Configure these application parameters:
    • keyfile: Specify the public key file location in the client machine.
    • keytype: Specify the type of the key. The type of the key can be private or public. Specify pri if the uploaded key is private and pub if the key is public. Specify deem_priKey_alias as a keyType to upload deem private key. You cannot specify any other type.
    • recipient: Specify the recipient that is required to encrypt the files. This value is prompted when the PGP key-pair is created.
  2. Add the encryptOutFiles parameter in the command line and set the value to 'true'. The encryptOutFiles parameter is added to XMDBToolBkg.DOWNLOAD_DATA_PROC and download_data.bat/.sh process.
    Note: The outgoing file name is retained without the .gpg extension to comply with the customer naming convention.