I'm using the python-gnupg package to decrypt a file using a key I generated. For reasons I can't explain, this code runs on Windows and successfully decrypts the file:
import gnupg
import os
key_data = '''-----BEGIN PGP PRIVATE KEY BLOCK-----
<key data here>
-----END PGP PRIVATE KEY BLOCK-----
'''
gpg_path = "C:/Program Files (x86)/GnuPG/bin/gpg.exe":
gpg = gnupg.GPG(gpg_path)
gpg.encoding = 'utf-8'
import_result = gpg.import_keys(key_data)
with open(r"C:\Users\test\Downloads\my.csv.gpg", "rb") as f:
status = gpg.decrypt_file(f, passphrase=None, output=r"C:\Users\test\Downloads\TEST.CSV")
print("STATUS OK ? " + str(status.ok))
print("STDERR: " + str(status.stderr))
I see "STATUS OK ? True" printed.
However this code fails to decrypt on a dockerized Linux environment on the same PC:
import gnupg
import os
key_data = '''-----BEGIN PGP PRIVATE KEY BLOCK-----
<key data here>
-----END PGP PRIVATE KEY BLOCK-----
'''
gpg_path = "/usr/bin/gpg":
gpg = gnupg.GPG(gpg_path)
gpg.encoding = 'utf-8'
import_result = gpg.import_keys(key_data)
with open(r"/home/test/my.csv.gpg", "rb") as f:
status = gpg.decrypt_file(f, passphrase=None, output=r"/home/test/TEST.CSV")
print("STATUS OK ? " + str(status.ok))
print("STDERR: " + str(status.stderr))
I see "STATUS OK ? False" printed, and no other errors. The output file is not created. Both environments are running Python 3.7.9, and running pip show python-gnupg has the same output in both environments. I've made sure to copy over the encrypted file and have tried saving it with various encodings. The Linux environment is Debian via WSL.
As it turns out, the build of
gpg
included in the Debian distro does not work as expected. I installed version 2.2.27 from source and specified the executable path in the constructor of the GPG object in Python via thegpgbinary
argument, and I was then able to decrypt successfully using the script. I got the tip that builds that come in linux distros may not work from https://pythonhosted.org/python-gnupg/ in the Note section.