cli/decrypt: improve debugging of gpg command (#2913)

When gopass-jsonapi is running these functions, the stderr of the gpg command won't reach anywhere visible without writing it to the log as well. Also adding 2 --verbose arguments to gpg helps debugging potential issues. Signed-off-by: Doron Behar <doron.behar@gmail.com>
2026-02-01 17:37:29 +00:00 · 2024-07-28 08:31:37 +00:00 · 2024-07-28 08:31:37 +00:00 · 51c2bdc8d0
commit 51c2bdc8d0
parent e302ae754c
1 changed files with 14 additions and 3 deletions
--- a/internal/backend/crypto/gpg/cli/decrypt.go
+++ b/internal/backend/crypto/gpg/cli/decrypt.go
@ -3,6 +3,7 @@ package cli
 import (
 	"bytes"
 	"context"
+	"io"
 	"os"
 	"os/exec"

@ -15,11 +16,21 @@ func (g *GPG) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error) {
 	defer cancel()

 	args := append(g.args, "--decrypt")
+	// Useful information may appear there
+	if debug.IsEnabled() {
+		args = append(args, "--verbose", "--verbose")
+	}
 	cmd := exec.CommandContext(ctx, g.binary, args...)
 	cmd.Stdin = bytes.NewReader(ciphertext)
-	cmd.Stderr = os.Stderr
+	// If gopass-jsonapi is used, there is no way to reach this os.Stderr, so
+	// we write this stderr to the log file as well.
+	cmd.Stderr = io.MultiWriter(os.Stderr, debug.LogWriter)

-	debug.Log("%s %+v", cmd.Path, cmd.Args)
+	debug.Log("Running %s %+v", cmd.Path, cmd.Args)
+	stdout, err := cmd.Output()
+	if err != nil {
+		debug.Log("Got %+v when running gpg command!", err)
+	}

-	return cmd.Output()
+	return stdout, err
 }