I am trying to decrypt a PGP-encrypted file using GnuPG in a C# ASP.NET website, using the Process class. I can successfully run the GPG import and encrypt commands in the website using the Process class. When I run --decrypt, the file is not decrypted and the StandardError output looks like this:
gpg: encrypted with 2048-bit RSA key, ID AAAAAAAAAAAAAAAA, created 2019-12-06 "Company A "
gpg: decryption failed: No secret key
I do have the correct secret key which I am using in the code. But the secret key is not found by this web page. I have confirmed this by doing the --list-secret-keys GPG command in the website. It lists nothing. The --list-keys cmd within the website does list the public key.
I can run the same GPG decrypt cmd from a Windows cmd prompt, on the same web server, and the decryption works using the same passphrase. This is the DOS cmd and output:
C:\path>gpg --batch --trust-model always --pinentry-mode loopback --passphrase "PassPhrase" --output "D:\Websites\test.txt" --decrypt "D:\Websites\test.pgp"
gpg: encrypted with 2048-bit RSA key, ID AAAAAAAAAAAAAAAA, created 2019-12-06 "Company A "
This is my aspx and aspx.cs decrypt code:
<%@ Page Title="" Language="C#" Debug="true" AutoEventWireup="true" CodeFile="td.aspx.cs" Inherits="TestDecrypt" %>
using System;
using System.Web.UI;
using System.Diagnostics;
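/// <summary>
/// Diagnostic page that decrypts one fixed PGP file by launching gpg.exe and echoes
/// gpg's standard-error output into the response.
/// </summary>
/// <remarks>
/// gpg.exe is started by the web application, so it runs under the account the site runs
/// as, not the account that installed GnuPG. A secret key that exists only in another
/// user's GnuPG home directory is reported here as "No secret key".
/// </remarks>
public partial class TestDecrypt : Page
{
    /// <summary>
    /// Runs the decryption on every page load and reports any exception in the response.
    /// </summary>
    /// <param name="sender">Event source supplied by ASP.NET.</param>
    /// <param name="e">Event data supplied by ASP.NET.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        try
        {
            string inFile = "D:\\Websites\\test.res.pgp";
            // NOTE(review): this produces "...\testres.txt" (no dot before "res"); confirm
            // that the missing dot is intended.
            string outFile = inFile.Replace(".res.pgp", "res.txt");
            DecryptFile(inFile, outFile);
        }
        catch (Exception ex)
        {
            // Encode before writing: exception text is not markup and may contain
            // characters such as angle brackets that the browser would otherwise interpret.
            Response.Write("ex.Message=" + Server.HtmlEncode(ex.Message));
        }
    }

    /// <summary>
    /// Builds the gpg argument string for decrypting <paramref name="inputName"/> into
    /// <paramref name="outputName"/> and runs it.
    /// </summary>
    /// <param name="inputName">Path of the encrypted file.</param>
    /// <param name="outputName">Path the decrypted file is written to.</param>
    private void DecryptFile(string inputName, string outputName)
    {
        // "--passphrase" expects a value; the original format string had none, so gpg took
        // the following token ("--batch") as the passphrase. "--passphrase-fd 0" makes gpg
        // read the passphrase from standard input instead, which also keeps it out of the
        // process command line. Both paths are quoted so that spaces do not split them.
        const string commandFormat =
            "--batch --trust-model always --pinentry-mode loopback --passphrase-fd 0 --output \"{0}\" --decrypt \"{1}\"";

        // "PassPhrase" is the placeholder used in the post; a real passphrase belongs in
        // protected configuration rather than in source code.
        PgpCmd(string.Format(commandFormat, outputName, inputName), "PassPhrase");
    }

    /// <summary>
    /// Starts gpg.exe with the given arguments, supplies the passphrase on standard input,
    /// and writes each standard-error line to the response.
    /// </summary>
    /// <param name="command">
    /// Argument string for gpg.exe. It must contain "--passphrase-fd 0" for the passphrase
    /// to be consumed.
    /// </param>
    /// <param name="password">Passphrase for the secret key; nothing is written when null.</param>
    public void PgpCmd(string command, string password)
    {
        const string gpgPath = @"C:\Program Files (x86)\GnuPG\bin\gpg.exe";
        var procStartInfo = new ProcessStartInfo(gpgPath, command)
        {
            CreateNoWindow = true,
            UseShellExecute = false,
            RedirectStandardInput = true,
            RedirectStandardError = true
        };

        // Dispose the Process so its handles are released after each request.
        using (var proc = new Process { StartInfo = procStartInfo })
        {
            proc.Start();

            if (password != null)
            {
                proc.StandardInput.WriteLine(password);
            }

            // Close stdin so gpg sees end-of-input and never waits for more.
            proc.StandardInput.Close();

            string line;
            while ((line = proc.StandardError.ReadLine()) != null)
            {
                // gpg prints key user IDs, which commonly carry an address in angle
                // brackets; encode so the browser shows them instead of parsing them.
                Response.Write("<br>proc line:" + Server.HtmlEncode(line));
            }

            proc.WaitForExit();

            // Surface a failure even when gpg printed nothing useful.
            if (proc.ExitCode != 0)
            {
                Response.Write("<br>gpg exit code:" + proc.ExitCode);
            }
        }
    }
}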
This is my aspx and aspx.cs list keys code:
<%@ Page Title="" Language="C#" Debug="true" AutoEventWireup="true" CodeFile="td2.aspx.cs" Inherits="TestDecrypt2" %>
using System;
using System.Web.UI;
using System.Diagnostics;
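/// <summary>
/// Diagnostic page that lists the public and secret keys visible to gpg.exe when it is
/// launched by the web application.
/// </summary>
/// <remarks>
/// The listing reflects the keyring of the account the site runs as. An empty secret-key
/// list here, alongside a working decrypt from an interactive logon, points to the two
/// accounts using different GnuPG home directories.
/// </remarks>
public partial class TestDecrypt2 : Page
{
    /// <summary>
    /// Lists the keys on every page load and reports any exception in the response.
    /// </summary>
    /// <param name="sender">Event source supplied by ASP.NET.</param>
    /// <param name="e">Event data supplied by ASP.NET.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        try
        {
            ListKeys();
        }
        catch (Exception ex)
        {
            // Encode before writing: exception text is not markup.
            Response.Write("ex.Message=" + Server.HtmlEncode(ex.Message));
        }
    }

    /// <summary>
    /// Writes the output of "gpg --list-keys" followed by "gpg --list-secret-keys".
    /// </summary>
    private void ListKeys()
    {
        Response.Write("<br />all keys:");
        PgpCmd(@"--list-keys");

        Response.Write("<br /><br />secret keys:");
        PgpCmd(@"--list-secret-keys");
    }

    /// <summary>
    /// Starts gpg.exe with the given arguments and writes each standard-output line to
    /// the response.
    /// </summary>
    /// <param name="command">Argument string for gpg.exe.</param>
    public void PgpCmd(string command)
    {
        const string gpgPath = @"C:\Program Files (x86)\GnuPG\bin\gpg.exe";
        var procStartInfo = new ProcessStartInfo(gpgPath, command)
        {
            CreateNoWindow = true,
            UseShellExecute = false,
            RedirectStandardOutput = true
        };

        // Dispose the Process so its handles are released after each request.
        using (var proc = new Process { StartInfo = procStartInfo })
        {
            proc.Start();

            string line;
            while ((line = proc.StandardOutput.ReadLine()) != null)
            {
                // Key listings include user IDs, which commonly carry an address in angle
                // brackets; encode so the browser shows them instead of parsing them.
                Response.Write("<br>proc line:" + Server.HtmlEncode(line));
            }

            proc.WaitForExit();
        }
    }
}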
Does anybody know why the web page cannot access the secret key, but the same command run from a Windows command prompt can?
Thanks for any help
I found the problem. The website runs as a different user than the one I log on to the web server with over Remote Desktop, so it was looking for the private key in a different location than my RDC user, which was the account used to install GnuPG and create its files. I tried using gpg --homedir to set the location, with no luck. I finally just copied the needed files, including the private key file, to the directory used by the website user, and that fixed it. To find the folder the website was searching for the private key, I ran gpg -h from the website. No coding changes were needed. Shoutout to this post, which finally helped me find the solution: GnuPG + Webservice + ASP.NET