PGP encryption in pre-request script?

🙋 Help
1

I have a public key and I need to encode some values in my request. There may be a fundamental step I’m missing. I’m expecting to do the following:

  1. Get the public key I need. I’ve already saved it as an environment variable from a previous request.
  2. Create a json string of the data I need to encode. This looks correct in the log
  3. Encode the json string from step 2.
  4. Save the encoded value as an environment variable.
  5. Use the environment variable in the request.

Step 3. is the step I’m struggling with. I had expected the key to be RSA, which isn’t included in CryptoJS, but the Base64 decoder shows it as PGP, which also is not in CryptoJS.
I’m also unsure if step 1, setting the value for pubKey is correct, but can’t confirm it until I can use it.

My script is:

const pubKey = CryptoJS.enc.Base64.parse(pm.environment.get("publicKey"));
const dateNow = new Date();
var details = JSON.stringify({
    "mainDetails": "QWERTYUIOP"
    ,"name": pm.variables.replaceIn('{{$randomFullName}}')
    ,"year": "2020"
    ,"captureTime": dateNow.toISOString()
    });
console.log(details);

//AES is incorrect, but PGP and RSA are invalid. 
var encrypted = CryptoJS.AES.encrypt(details,pubKey);  
pm.environment.set("encryptedDetails", encrypted);

AES is not valid there, and that’s where I would have expected RSA or PGP.

My request body is:

{
  "encrypted_details": "{{encryptedDetails}}",
  "public_key_alias": "{{publicKeyAlias}}"
}

My public key (test data) is:

LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tClZlcnNpb246IEJDUEcgdjEuNjIKCm1FOEVZQ3IwclJNRks0RUVBQW9DQXdUOFJnMmhUTW5KWmR6M09ZaWpwM3pvZ2lSS2p1bGxlcjhhbG1LczNGeWkKL0ZxM1FlUFJxNitzUVBlMS85TTJEK3A2K2E0RXhrQ1VRazQxNFZ5WnRtNGV0QUNJZEFRVEV3Z0FIQVVDWUNyMApyZ0liQXdZTENRZ0hBd0lHRlFnQ0NRb0xCQllDQXdFQUNna1FIUzFBTnpXVnQzVjAzd0VBcDVjNHF0YWhhcm5tCk1KOHhISEZncTF3OVN5bmpBdXRtamovMzA3NmlFemNCQVBhVzFaR1NDcVFmcWgwcFAwdGkxVXVOR3Q3dmRUdnIKVGYvUzdpT3FBOWpsdUZNRVlDcjByUklGSzRFRUFBb0NBd1Q4UmcyaFRNbkpaZHozT1lpanAzem9naVJLanVsbAplcjhhbG1LczNGeWkvRnEzUWVQUnE2K3NRUGUxLzlNMkQrcDYrYTRFeGtDVVFrNDE0VnladG00ZUF3RUlCNGhuCkJCZ1RDQUFQQWhzTUJRa0paZ0dBQlFKZ0t2U3RBQW9KRUIwdFFEYzFsYmQxQS9jQStRRXVlZUJIRFU5SFZZaVcKUWFwdE4rdkZnVFlkYWJkSXdReUFuMmJhMmJDVEFQNHJ6SktoS1JrbHBZb1V3SDYzV1g2RVR5V045UWc0bDlxZQpVVm1zZVhFQXRnPT0KPWhoa1QKLS0tLS1FTkQgUEdQIFBVQkxJQyBLRVkgQkxPQ0stLS0tLQo=

Using a Base64 decoder I see it is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG v1.62

mE8EYCr0rRMFK4EEAAoCAwT8Rg2hTMnJZdz3OYijp3zogiRKjuller8almKs3Fyi
/Fq3QePRq6+sQPe1/9M2D+p6+a4ExkCUQk414VyZtm4etACIdAQTEwgAHAUCYCr0
rgIbAwYLCQgHAwIGFQgCCQoLBBYCAwEACgkQHS1ANzWVt3V03wEAp5c4qtaharnm
MJ8xHHFgq1w9SynjAutmjj/3076iEzcBAPaW1ZGSCqQfqh0pP0ti1UuNGt7vdTvr
Tf/S7iOqA9jluFMEYCr0rRIFK4EEAAoCAwT8Rg2hTMnJZdz3OYijp3zogiRKjull
er8almKs3Fyi/Fq3QePRq6+sQPe1/9M2D+p6+a4ExkCUQk414VyZtm4eAwEIB4hn
BBgTCAAPAhsMBQkJZgGABQJgKvStAAoJEB0tQDc1lbd1A/cA+QEueeBHDU9HVYiW
QaptN+vFgTYdabdIwQyAn2ba2bCTAP4rzJKhKRklpYoUwH63WX6ETyWN9Qg4l9qe
UVmseXEAtg==
=hhkT
-----END PGP PUBLIC KEY BLOCK-----

I am using Postman v8.3.0

  1. Is my approach valid?
  2. How can I encrypt my data using the public key I need to use?
1 Like
2

I’m facing the same problem. Did you find how to do PGP in Postman?

3

Unfortunately no. I need to do the PGP encryption outside of Postman, so I do the base64 encoding outside also, and past the result into an environment variable to use.

4

it’s a pretty old discussion, but after several research I found a very interesting github fork of openpgpjs that solve your problem!
https://github.com/maasdi/openpgpjs-for-postman

in pre-request script I added

if(!pm.environment.get("openpgp")) {
    pm.sendRequest("https://maasdi.github.io/openpgpjs-for-postman/dist/openpgp.min.js", function (err, responseBody) {
        if (err) {
            console.log("Error downloading script: " +err);
            return;
        }
        pm.environment.set("openpgp", responseBody.text());
        console.log("openpgp downloaded!");
    })
}

then in Tests I used it for my needed

eval(pm.environment.get("openpgp"));

(async () => {
    const publicKeyArmored = pm.environment.get("public_key");
    const credentials = {
            "username": pm.environment.get("TLD_US"),
            "password": pm.environment.get("TLD_PA"),
          }

    try {
        const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });

        // Encryption
        const encrypted = await openpgp.encrypt({
            message: await openpgp.createMessage({ text: JSON.stringify(credentials) }),
            encryptionKeys: publicKey,
        });
        pm.environment.set("credentials_encrypted",'"' + encrypted.replace(/\n/g, "\\n") + '"');
    } catch (e) {
        console.error('Error:', e.message);
    }
})();
5

Thanks. I’ve changed companies since I asked that, and I am not doing anything related to encryption, so I can’t check easily. Hopefully your answer works for someone else looking for the same thing.