# Using encrypted files in your builds

Abstract

You can use encrypted files on Bitrise, easily. After encrypting the file on your computer, upload it to the Generic File Storage and use the Decrypt file Step or your own custom decrypting solution to decrypt it when you need it.

You can use encrypted files on Bitrise, easily and securely. All you need to do is encrypt the file on your computer, upload it to the Generic File Storage and use the Decrypt file Step or your own custom decrypting solution to decrypt it when you need it.

### GPG encryption

Please note that the Decrypt file Step only decrypts files encrypted with GPG. If you use other encryption software, you will not be able to decrypt files using the Step. You can, of course, set up your own decryption solution in a Script Step.

In this example, we’ll use the pwgen password generator tool and GPG as the encryption software to encrypt a file.

1. Open a Terminal/Command Line.

2. Create a 32 character passphrase for encryption.

### Keep the passphrase

You will need this passphrase to decrypt the file on Bitrise.

  pwgen -s 32 1
3. Encrypt your file. In this example, the file is called my_secret_file.

gpg -c my_secret_file

Optionally, you can encrypt your file(s) in a non-interactive way.

gpg --batch --passphrase <passphrase> -c my_secret_file

After you successfully encrypted a file, you need to upload it to Bitrise and you need to be able to decrypt it during the build. In this procedure, we'll use the Decrypt file Step to decrypt the file.

### GPG encryption

Please note that the Decrypt file Step only decrypts files encrypted with GPG. If you use other encryption software, you will not be able to decrypt files using the Step. You can, of course, set up your own decryption solution in a Script Step.

1. Open your app on Bitrise.

2. Click the button on the main page.

3. Go to the Secrets tab, and add your decryption passphrase as a Secret.

4. Upload the file to the Generic File Storage on Bitrise.

5. In the Generic File Storage, copy the Environment Variable (Env Var) under the name of the uploaded file. This Env Var stores the download URL for the file.

6. Go to the Workflows tab.

7. Select a Workflow from the WORKFLOW dropdown menu.

For example, if you store the path in the BITRISEIO_MY_FILE_LOCAL_PATH Env Var, you can use it as the path for the input, and also use it to access the file in every subsequent Step.