Search code examples
pythonpython-3.xencryptiongnupg

How to decrypt a tar.gz file using the gnupg python module

I have an encrypted tar.gz archive and need to create function to decrypt it and untar. When I'm using the gpg command in terminal, it works totally fine.

gpg --output path/my_archive.tar.gz --decrypt path/my_archive.tar.gz.gpg

But when I created a function to decrypt the file I got just Unknown system error.

def _unpack(self, my_path: Path) -> Path:
    if not str(my_path).startswith("/tmp/"):
        # import to tmp
        my_path = edge.copy2tmp(my_path)
    if str(my_path).endswith('.gpg'):
        output_path = my_path.parent / my_path.stem
        logger.info(my_path)  # i'm sure it is gpg
        assert my_path.exists()  # i'm sure it exists
        with open(str(my_path), 'rb') as f:
            gpg = gnupg.GPG()
            status = gpg.decrypt_file(
                f, passphrase=MY_SECRET_KEY, output=str(output_path)
            )
        logger.info(status.ok)
        logger.info(status.status)
        logger.info(status.stderr)
        my_path = output_path
    if my_path.is_dir():
        # case when delivery is directory
        return my_path
    elif tarfile.is_tarfile(str(my_path)):
        ....

Logger results:

my_logger - /tmp/nlgdb-p2iyxhh7/archive_name.tar.gz.gpg
gnupg - Setting homedir to '/home/o.solop/.config/python-gnupg'
gnupg - 
Initialised settings:
binary: /usr/bin/gpg
binary version: 2.2.19\ncfg:pubkey:1;16;17;18;19;22\ncfg:pubkeyname:RSA;ELG;DSA;ECDH;ECDSA;EDDSA\ncfg:cipher:1;2;3;4;7;8;9;10;11;12;13\ncfg:ciphername:IDEA;3DES;CAST5;BLOWFISH;AES;AES192;AES256;TWOFISH;CAMELLIA128;CAMELLIA192;CAMELLIA256\ncfg:digest:2;3;8;9;10;11\ncfg:digestname:SHA1;RIPEMD160;SHA256;SHA384;SHA512;SHA224\ncfg:compress:0;1;2;3\ncfg:compressname:Uncompressed;ZIP;ZLIB;BZIP2\ncfg:curve:cv25519;ed25519;nistp256;nistp384;nistp521;brainpoolP256r1;brainpoolP384r1;brainpoolP512r1;secp256k1\n'
homedir: /home/o.solop/.config/python-gnupg
ignore_homedir_permissions: False
keyring: /home/o.solop/.config/python-gnupg/pubring.gpg
secring: /home/o.solop/.config/python-gnupg/secring.gpg
default_preference_list: SHA512 SHA384 SHA256 AES256 CAMELLIA256 TWOFISH AES192 ZLIB ZIP Uncompressed
keyserver: hkp://wwwkeys.pgp.net
options: None
verbose: False
use_agent: False

gnupg - FAILURE status emitted from gpg process: decrypt 4294967295
my_logger - False
my_logger - decrypt 4294967295
my_logger - gpg: no valid OpenPGP data found.
[GNUPG:] NODATA 1
[GNUPG:] NODATA 2
[GNUPG:] FAILURE decrypt 4294967295
gpg: decrypt_message failed: Unknown system error

Do you have any idea what am I doing wrong? Maybe there is any other module to decrypt my data? Probably, I just can use a subprocess, but why the module doesn't work for me?

Solution

  • I had the exact same issue, today.

    In my case, I installed the packages gnupg (first) and python-gnupg along. The answer in https://github.com/isislovecruft/python-gnupg/issues/208#issuecomment-786857806 put me up.

    After removing gnupg and reinstalling python-gnupg, the error vanished and I finally could decrypt my files.