diff --git a/.gitignore b/.gitignore
index 00f6582..7e8f9df 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 coverage.out
 coverage-report.txt
 report.xml
+junit.xml
 /tmp/*
 /examples/tmp/*
 /bin/serve/docker/prometheus/data
diff --git a/cryptkeeper/keepers/pgp/pgp.go b/cryptkeeper/keepers/pgp/pgp.go
index a95616d..9d15713 100644
--- a/cryptkeeper/keepers/pgp/pgp.go
+++ b/cryptkeeper/keepers/pgp/pgp.go
@@ -2,7 +2,6 @@ package pgp
 
 import (
 	"encoding/base64"
-	"errors"
 	"io"
 	"os"
 	"strings"
@@ -56,7 +55,22 @@ func (p Keeper) Decrypt(config keepers.Config, file io.Reader) (io.Reader, error
 }
 
 func (p Keeper) Encrypt(config keepers.Config, reader io.Reader) (io.Reader, error) {
-	return nil, errors.New("not implemented")
+	content, err := io.ReadAll(reader)
+	if err != nil {
+		return reader, err
+	}
+
+	publicKey, _ := base64.StdEncoding.DecodeString(config.Get("publicKey"))
+	privateKey, _ := base64.StdEncoding.DecodeString(config.Get("privateKey"))
+
+	encrypted, err := helper.EncryptSignMessageArmored(
+		string(publicKey),
+		string(privateKey),
+		[]byte(config.Get("passphrase")),
+		string(content),
+	)
+
+	return strings.NewReader(encrypted), err
 }
 
 func New() *keepers.Keeper {
diff --git a/cryptkeeper/keepers/pgp/pgp_test.go b/cryptkeeper/keepers/pgp/pgp_test.go
index 59711f2..a8192b2 100644
--- a/cryptkeeper/keepers/pgp/pgp_test.go
+++ b/cryptkeeper/keepers/pgp/pgp_test.go
@@ -12,25 +12,35 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-//go:embed support/Reguard_mock_contracts.csv.pgp
-var encStr string
+//go:embed support/Reguard_mock_contracts.csv
+var str string
 
 //go:embed support/Reguard_mock_private.asc
 var secretKeyring string
 
+//go:embed support/Reguard_mock_public.asc
+var publicKeyring string
+
 var passphrase = "reguard-mock-key"
 
 func TestPGP(t *testing.T) {
+	os.Setenv("PREFIX_PUBLIC_KEY", publicKeyring)
 	os.Setenv("PREFIX_PRIVATE_KEY", secretKeyring)
 	os.Setenv("PREFIX_PASSPHRASE", passphrase)
 
-	keeper := pgp.Keeper{}
+	keeper := pgp.New()
 
-	config := keeper.Setup("prefix")
+	keeper.Setup("prefix")
+
+	encrypted, err := keeper.Encrypt(
+		strings.NewReader(str),
+	)
+
+	assert.NotEqual(t, encrypted, strings.NewReader(str))
+	assert.NoError(t, err)
 
 	content, err := keeper.Decrypt(
-		config,
-		strings.NewReader(encStr),
+		encrypted,
 	)
 
 	assert.NoError(t, err)
@@ -39,6 +49,7 @@ func TestPGP(t *testing.T) {
 
 	assert.NoError(t, err)
 	assert.Equal(t, len(readContent), 1860)
+	assert.Equal(t, string(readContent), str)
 }
 
 func TestPGPErr(t *testing.T) {