BigBinary Blog

We write about Ruby on Rails, React.js, React Native, remote work, open source, engineering and design.

Gpg decryption without pin entry pop up using GPGME

In one of our projects, we implemented GPG decryption.

What is GPG ?

GPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP).

We used GPGME gem for this purpose. It provides three levels of API. In our case, we used Crypto which has the high level convenience methods to encrypt, decrypt, sign and verify signatures.

We needed to import private key for decrypting a file that was encrypted using paired public key. First let's import the required private key.

GPGME::Key.import File.open('certs/pgp.key')

Let's decrypt the file.

crypto = GPGME::Crypto.new
options = { output: File.open('file.csv', 'wb') }

crypto.decrypt File.open('file.csv.gpg'), options

Above code has one problem. It will open a pop up for password input that has been used when public and private keys have been generated.

To support password input without pop up, we updated the code as below.

crypto = GPGME::Crypto.new
options = {
            output: File.open('file.csv', 'wb'),
            pinentry_mode: GPGME::PINENTRY_MODE_LOOPBACK,
            password: 'welcome'
          }

crypto.decrypt File.open('file.csv.gpg'), options

Here, pinentry_mode option allows password input without pop up.

We did not use latest version of GPG since it does not support pinentry_mode option. Instead, We used 2.1.20 version which has support for this option. Here is the build instruction for that.

Sushant Mittal in Rails
27, 2018
Share

You might also like

Rails 6.1 adds support for PostgreSQL interval data type

Rails 6.1 allows per environment configuration support for Active Storage

Rails 6.1 adds support for belongs_to to has_many inversing

Rails 6.1 adds strict_loading to warn lazy loading associations

Rails 6.1 adds where.associated to check association presence

Subscribe to our newsletter