GnuPG + Webservice + ASP.NET

Question

I'm exhausted. I have installed GnuPG and exported secret key, and two public keys (my own and one of my client) from another instance of GnuPG. I try to configure 'my encrypting/decrypting' method on the local machine.

When I run encrypting method from a little console application it works good. When I run this (same! - with the same body) method from my webservice on my local machine ... I have an ExitCode = 2.

Happy in fact of catching the error message, but unhappy with their body.

"gpg: no default secret key: secret key not available gpg: XXXXXXXXXXXXXXXX.xml: sign+encrypt failed: secret key not available"

What should I do? Whats wrong?

Best regards, Karol Bladek

Answer 1

static bool EncryptPGP(string inFile, string outFile)
    {
        try
        {
            RegistryKey key = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\GNU\GnuPG"); //LocalMachine
            if (key != null)
            {
                string path = key.GetValue("Install Directory").ToString();
                string pgpPath = string.Format("{0}\\gpg.exe", path);//@"C:\tools\GNU\GnuPG\gpg.exe";
                string password = "No no no no no";
                string keyName = "hihi";
                string args = string.Format(@"--batch --yes --passphrase {0} --recipient {1} --encrypt --output ""{2}"" --sign ""{3}""", password, keyName, outFile, inFile);
                Process proc = Process.Start(pgpPath, args);
                if (!proc.HasExited)
                {
                    proc.WaitForExit();
                }
                return proc.ExitCode == 0;
            }
        }
        catch (Exception exc)
        {
            Console.WriteLine(exc.Message);
        }
        return false;
    }

Answer 2

The keyring files are created on per user basis. When running the console application, it will look for the PGP keyring files in your directory, whereas when running in the web service, it will look in the directory of the user identity used by the web service.

Go ahead open up cmd, change to the GPG install directory and type in gpg -h. Somewhere near the top it will show you the path where the keyring files are located for your logged on user.

What you can do to fix this is to copy the keyring files to where it expected to find it for the web service user. Not sure if there's any command line option for gpg to select a different keyring file location.