06112017-Fun-With-GPG

Fun with GPG

This week, I made some great progress in understanding how GPG works, both locally and through email. My original intention was to have my router send me a notification whenever Transmission finishes downloading a torrent. This may be as simple as it sounds, and it had been working correctly for me for several months since I created the initial script.

This week, however, I decided to do something special. I would like the router to sign/encrypt the message it sends to me. I am not sure why I need that, but anyways, I did get to learn a lot through the process.

Here is my original script. It simply uses the mailx program that is installed on the router and sends the email through SMTP. It looks quite simple, and it is pretty much the same as the script I showed in the previous post:

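#!/bin/sh

SMTP_SERVER=YOUR_EMAIL_SMTP
# %s placeholders keep '%' or '\' in the torrent name out of the printf format string
MESSAGE='Hello!\n\n \tThis is a notification from transmission, %s has been completed on %s\n\n Thanks!'
SENDER="YOUR_EMAIL_USER_NAME"
RECEPIENT="EMAIL_TO_RECEIVE"

# Caveats: ssl-verify=ignore skips server certificate validation, and the
# password given on the command line is visible in the process list.
printf "$MESSAGE" "$TR_TORRENT_NAME" "$TR_TIME_LOCALTIME" |
    mailx -v -r "$SENDER" -s "[Transmission] Torrent Has Been Downloaded" \
        -S smtp="$SMTP_SERVER" -S smtp-use-starttls -S smtp-auth=login \
        -S smtp-auth-user="$SENDER" -S smtp-auth-password="YOUR_EMAIL_PASSWORD" \
        -S ssl-verify=ignore "$RECEPIENT"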

A little more explanation here: there are two variables preset by Transmission. $TR_TORRENT_NAME is the name of the torrent that has just finished. $TR_TIME_LOCALTIME is the time when the download finished. Transmission sets several other environment variables as well. Here is a list of them^1
Note: The meanings of these variables are not explicitly documented in the wiki; I guessed them based on my understanding.

Env Variable Name    Meaning
TR_APP_VERSION       The version of the transmission app.
TR_TIME_LOCALTIME    The time when the current torrent has been downloaded.
TR_TORRENT_DIR       The directory that the content of the torrent was downloaded to.
TR_TORRENT_HASH      The hash value of the torrent.
TR_TORRENT_ID        The ID of this torrent (in the download list for transmission bookkeeping?).
TR_TORRENT_NAME      The name of the torrent.

So my initial thought was that adding GPG encryption or signing would be as easy as adding a new pipeline stage that redirects the output to GPG. However, it turned out to be much more difficult than that. When the script is called by Transmission, the environment variable required by GPG is not set, and because of this GPG would fail to find the private key used to sign/encrypt the message and therefore fail to encrypt. After setting the environment variable in the script, the GPG encryption works correctly. Here is the working script with encryption and signing:

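#!/bin/sh

SMTP_SERVER=YOUR_EMAIL_SMTP
# %s placeholders keep '%' or '\' in the torrent name out of the printf format string
MESSAGE='Hello!\n\n \tThis is a notification from transmission, %s has been completed on %s\n\n Thanks!'
SENDER="YOUR_EMAIL_USER_NAME"
RECEPIENT="EMAIL_TO_RECEIVE"
# Transmission starts the script without these; gpg uses them to locate its keyring.
# GnuPG reads GNUPGHOME (a variable named GPGHOME is not consulted).
HOME="YOUR HOME DIRECTORY"
GNUPGHOME="YOUR .gpg DIRECTORY"
export HOME GNUPGHOME

# Caveat: --passphrase on the command line is visible in the process list;
# --passphrase-file avoids that. GnuPG 2.1+ also needs --pinentry-mode loopback.
printf "$MESSAGE" "$TR_TORRENT_NAME" "$TR_TIME_LOCALTIME" |
    gpg --batch --armor --sign --encrypt --passphrase "your pass phrase" \
        -r recipient_pubkey_id |
    mailx -v -r "$SENDER" -s "[Transmission] Torrent Has Been Downloaded" \
        -S smtp="$SMTP_SERVER" -S smtp-use-starttls -S smtp-auth=login \
        -S smtp-auth-user="$SENDER" -S smtp-auth-password="YOUR_EMAIL_PASSWORD" \
        -S ssl-verify=ignore "$RECEPIENT"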
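
The environment problem described above, as an added example that is not part of the original post: a preflight check that reports why gpg cannot find its keyring when Transmission starts the script, and that produces no message at all if the check fails. The function names are hypothetical, and the permission test is stricter than gpg itself, which only warns about a home directory that group or others can access.

```shell
#!/bin/sh
# Added example, not the post's script. Function names are hypothetical.

# private_path PATH TYPE: succeed only if PATH exists, is a directory (TYPE=d)
# or regular file (TYPE=-), and has no group/other permission bits set.
private_path() {
    [ -e "$1" ] || return 1
    case "$(ls -ld -- "$1")" in
        "$2"???------*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_gpg_env: explain why gpg would not find its keyring when a daemon
# starts the script with a minimal environment.
# Returns 0 ok, 1 no HOME/GNUPGHOME, 2 directory missing, 3 loose permissions.
check_gpg_env() {
    if [ -z "${HOME:-}" ] && [ -z "${GNUPGHOME:-}" ]; then
        echo "neither HOME nor GNUPGHOME is set"
        return 1
    fi
    # GnuPG uses GNUPGHOME when set, otherwise ~/.gnupg.
    gpg_dir=${GNUPGHOME:-$HOME/.gnupg}
    [ -d "$gpg_dir" ] || { echo "no GnuPG home at $gpg_dir"; return 2; }
    private_path "$gpg_dir" d || { echo "$gpg_dir is open to group/other"; return 3; }
    echo "ok: $gpg_dir"
}

# render_body NAME TIME: the torrent name comes from torrent metadata, so it
# is passed as a printf argument and never becomes part of the format string.
render_body() {
    printf 'Hello!\n\n \tThis is a notification from transmission, %s has been completed on %s\n\n Thanks!\n' "$1" "$2"
}

# secure_body NAME TIME RECIPIENT: run the preflight, then sign and encrypt
# with the options the post uses. Nothing is written to stdout if the
# preflight fails; the reason goes to stderr.
secure_body() {
    check_gpg_env >&2 || return
    render_body "$1" "$2" |
        gpg --batch --armor --sign --encrypt --passphrase "your pass phrase" -r "$3"
}
```

Capture the output of `secure_body` in a variable and call mailx only when it returns 0, so a failed preflight never results in an empty or unencrypted mail.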