Skip to content

GPG (.gpg)

.gpg file signature | application/pgp-encrypted

GPG is a file format and associated encrypted or signed data container used by GNU Privacy Guard (GnuPG), a free implementation of the OpenPGP standard maintained by the GNU Project. It is used to protect email, software packages, backups, and other files through encryption, digital signatures, and key-based authentication. The format is still in active use; security depends on strong keys, trusted recipients, and up-to-date software, and compromised private keys can expose protected data.

Safe

Magic Bytes

Offset 0
85

Sources: Apache Tika

Extension

.gpg

MIME Type

application/pgp-encrypted

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .gpg files in Python

Python 
def is_gpg(file_path: str) -> bool:
    """Check if file is a valid GPG by magic bytes."""
    signature = bytes([0x85])
    with open(file_path, "rb") as f:
        return f.read(1) == signature

How to validate .gpg files in Node.js

Node.js 
function isGPG(buffer: Buffer): boolean {
  const signature = Buffer.from([0x85]);
  return buffer.subarray(0, 1).equals(signature);
}

How to validate .gpg files in Go

Go 
func IsGPG(data []byte) bool {
    signature := []byte{0x85}
    if len(data) < 1 {
        return false
    }
    return bytes.Equal(data[:1], signature)
}

API Endpoint

GET /api/v1/gpg
curl https://filesignature.org/api/v1/gpg

See the full API documentation for all endpoints and parameters.

Related Formats

.pgp .der .pem .asc .crt .csr

Frequently Asked Questions

What is a .gpg file?

A .gpg file is identified by the magic bytes 85 at byte offset 0. GPG is a file format and associated encrypted or signed data container used by GNU Privacy Guard (GnuPG), a free implementation of the OpenPGP standard maintained by the GNU Project. It is used to protect email, software packages, backups, and other files through encryption, digital signatures, and key-based authentication. The format is still in active use; security depends on strong keys, trusted recipients, and up-to-date software, and compromised private keys can expose protected data.

What are the magic bytes for .gpg files?

The magic bytes for GPG files are 85 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .gpg file?

To validate a .gpg file, read the first bytes of the file and compare them against the known magic bytes (85) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .gpg files?

The primary MIME type for .gpg files is application/pgp-encrypted.

Is it safe to open .gpg files?

GPG (.gpg) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.