5

I have a Public shared to me and I'm loading it as shown below:

key_path = os.environ.get('ESB_FILES_PUBLIC_KEY')
key, _ = pgpy.PGPKey.from_file(key_path)

I try to decrypt the file using this key

message_from_file = pgpy.PGPMessage.from_file(filepath)
raw_message = key.decrypt(message_from_file).message
print(raw_message)

It doesn't work and I get this error instead pgpy.errors.PGPError: Expected: is_public == False. Got: True

Any idea on how to decrypt an PGP file in Python with only the Public Key. For reference: I'm currently using this library https://pgpy.readthedocs.io/en/latest/examples.html.

Thanks

Cheruiyot Felix
  • 1,557
  • 5
  • 26
  • 42
  • 2
    You cannot decrypt with the public key, you must have the private key. That's the *asymmetric* part of asymmetric cryptography. – President James K. Polk Sep 05 '19 at 22:55
  • Still, this is a good question. Amazingly, the pgpy docs do not provide the vanilla use case example how to decrypt the public-key encrypted message with the private key. Shame on them. – Zephaniah Grunschlag Sep 23 '21 at 14:39

1 Answers1

-1

PGP uses asymmetric cryptography. There is a public key which is public and can only encrypt and the private key only decrypts. A good explanation I found helpful was https://www.freecodecamp.org/news/how-does-pretty-good-privacy-work-3f5f75ecea97/ under "How does PGP actually work".

In the doc that you're referring to: https://pgpy.readthedocs.io/en/latest/examples.html#encrypting-decrypting-messages-with-a-public-key it says "Encryption using keys requires a public key, while decryption requires a private key."

If you generated the keys, you should have the private key on your key-ring, which you can export as a .asc and decrypt.

Satoe Sakuma
  • 93
  • 7
  • The docs don't have any information on how to generate a public vs private key – riders994 Mar 31 '21 at 21:35
  • I don't think the answer is correct. PGP requires two keys for encryption ( sender private key and your public key) and two keys for decryption (sender public key and your private key). "https://www.howtogeek.com/427982/how-to-encrypt-and-decrypt-files-with-gpg-on-linux/" – Sydney Apr 23 '23 at 15:35
  • @riders994There is a section on generation keys https://pgpy.readthedocs.io/en/latest/examples.html#generating-keys – Satoe Sakuma Apr 24 '23 at 16:50
  • @Sydney The article you linked is for GPG, which it says is modeled off of PGP but I'm not sure if they are they same – Satoe Sakuma Apr 24 '23 at 16:50