Python - GPG decrypt works but GNUPG doesn't

Posted 2020-04-20 23:46

I'm using Python's gnupg to decrypt a file I've downloaded with Python:

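    import gnupg

    gpg = gnupg.GPG(gnupghome="/home/myname/.gnupg")
    # filelist, i and fn are defined earlier in the script (not shown)
    with open('updates/' + filelist[i], 'rb') as f:  # ciphertext is binary
        print("Decrypting " + fn)
        status = gpg.decrypt_file(f, passphrase="passphrase", output='updates/' + fn)

    print('ok: %s' % status.ok)
    print('stderr: %s' % status.stderr)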

This fails saying 'secret key not available'. However when I run gpg -d filename from terminal the file decrypts without any errors. I've used gpg -K and checked that the secret certificate / key used to encrypt the file is imported + trusted etc.

This is all running on Ubuntu Server 12.04.

Can anyone suggest how I can get around this error?

1 answer
爷的心禁止访问
#2 · 2020-04-21 00:48

Be aware that GnuPG is the "real" name of gpg, which is only the name of the binary. The Python API is called python-gnupg.

The problem will most probably be caused by missing access privileges. As you already realized, each system user has its own GnuPG home directory (thus you provided another user's GnuPG directory), not accessible by others. Make sure your web server user (probably www-data) has access to /home/myname/.gnupg; better, export the private key and reimport it as the web server's user (GnuPG does not like extensive access rights and might issue a warning or refuse to run at all otherwise).

You can test if that really is the problem by running sudo -u www-data gpg --homedir /home/myname/.gnupg -d filename (thus, run gpg under the web server's user).

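A standard-library check for the failure the answer describes, added here as an example and not part of the original answer: it reports whether the account running the script owns the GnuPG home directory and whether that directory is closed to group and others. The function name `check_gnupg_home` is hypothetical, and the check looks at ownership and mode only; it does not call gpg or python-gnupg.

```python
import os
import stat


def check_gnupg_home(path, uid=None):
    """Return reasons why `uid` may be unable to use the keyring at `path`.

    Hypothetical helper (not part of python-gnupg). An empty list means the
    directory exists, is owned by `uid`, and grants nothing to group/others.
    """
    uid = os.geteuid() if uid is None else uid
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return ["%s does not exist" % path]
    except PermissionError:
        # A parent directory (e.g. /home/myname) is not searchable by us.
        return ["current process may not traverse the path to %s" % path]
    if not stat.S_ISDIR(st.st_mode):
        return ["%s is not a directory" % path]

    problems = []
    mode = stat.S_IMODE(st.st_mode)
    # Another user's keyring: the situation described in the answer.
    if st.st_uid != uid:
        problems.append("owned by uid %d, process runs as uid %d" % (st.st_uid, uid))
    # Opening the directory to group/others makes GnuPG warn about unsafe permissions.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("mode %04o grants group/other access, use 0700" % mode)
    # The owner needs read, write and search on the directory itself.
    if st.st_uid == uid and (mode & stat.S_IRWXU) != stat.S_IRWXU:
        problems.append("owner lacks rwx on the directory (mode %04o)" % mode)
    return problems


if __name__ == "__main__":
    import sys
    home = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/.gnupg")
    for line in check_gnupg_home(home) or ["no ownership or mode problems found"]:
        print("%s: %s" % (home, line))
```

Run it as the same account that runs the failing script (for example under sudo -u www-data) and pass the directory given as gnupghome.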