How know who is a file encrypted for ?
Dirk Traulsen
dirk.traulsen at lypso.de
Wed Feb 27 10:00:25 CET 2008
On 26 Feb 2008 at 9:55, vedaal at hush.com wrote:
>
> On 26 Feb 2008 at 8:48, Dirk.Traulsen at lypso.de wrote:
> >
> >1. If there are several recipients, test the given passphrase
> >automatically for all secret keys in your keyring, so that you don't
> >have to give for example 9 times a wrong one if you are recipient
> >number four, which you even don't know beforehand.
>
> it isn't necessary to enter the passphrase at all just press <enter>
> repeatedly until you reach the recipient you want (you'll still need 9
> 'enter's for your example ;-) but hardly such a tedious task)

You don't believe I would enter a complete passphrase 9 times, do you?
You are right that it is possible to live with it, but why not
implement something more comfortable if it doesn't lower the security
level?

> >2. A command which lists the recipients of an encrypted file.
>
> or maybe an upgrade of gpg list packets, to include the recipient
> listing the way pgpdump does
>
> pgpdump immediately lists all the keyid's a message is encrypted to,
> and does so in the same order of recipients, as gnupg uses to ask
> for the passphrase

What I meant was something like this mockup:
==============
C:\>gpg --recipient-keys ENCRYPTED_FILE.gpg
gpg: file ENCRYPTED_FILE.gpg was encrypted to the following keys:
gpg: encrypted with 2048-bit ELG-E key, ID 1643B926, created 2002-01-28
"David M. Shaw <dshaw at jabberwocky.com>"
gpg: encrypted with 4096-bit ELG-E key, ID E192093D, created 2005-10-21
"Dirk Traulsen (dtl-2) <Dirk.Traulsen at lypso.de>"
gpg: secret key with ID E192093D in keyring
gpg: encrypted with 2048-bit RSA key, ID 85306D25, created 2000-09-05
"vedaal nistar <vedaal at hush.com>"
gpg: encrypted with RSA key, ID 710ACD97
gpg: encrypted with RSA key, ID 01B0C12D
C:\>
==============
As you can easily see, there are 5 recipients: 3 in public keyring with
1 secret key in secret keyring, 2 not in keyring.

This is the result I get from your example:
============
PGPdump Results
Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes)
New version(3)
Key ID - 0x7DC4274AF9015496
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(2047 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02
Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes)
New version(3)
Key ID - 0xA306C37B495CA15B
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(2045 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02
(...)
==============
While pgpdump gives a really interesting output, it does not deliver
what I asked for:
A nicely formatted list of the recipients of an encrypted file.

Dirk
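
Added example (not part of the original post, and not GnuPG's or pgpdump's code): a small parser that walks the leading Public-Key Encrypted Session Key packets (tag 1) of a binary, non-armored OpenPGP message and returns the recipient key IDs in order, which is the raw material for the listing requested above. The names `read_header`, `list_recipients`, `make_pkesk` and `SAMPLE` are assumptions, and the sample message is constructed around the two key IDs shown in the pgpdump output.

```python
# Public-key algorithm IDs (subset of RFC 4880, section 9.1).
PK_ALGOS = {1: "RSA", 2: "RSA-E", 16: "ELG-E"}

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None if not a fixed length."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet (binary input expected, not armor)")
    if first & 0x40:                       # new-format header
        tag, o = first & 0x3F, buf[pos + 1]
        if o < 192:
            return tag, pos + 2, o
        if o < 224:
            return tag, pos + 3, ((o - 192) << 8) + buf[pos + 2] + 192
        if o == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None          # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old-format header
    if ltype == 3:
        return tag, pos + 1, None          # indeterminate length
    size = 1 << ltype                      # 1, 2 or 4 length octets
    return tag, pos + 1 + size, int.from_bytes(buf[pos + 1:pos + 1 + size], "big")

def list_recipients(buf):
    """Return [(key_id_hex, algo_name)] for the leading PKESK (tag 1) packets."""
    out, pos = [], 0
    while pos < len(buf):
        tag, start, length = read_header(buf, pos)
        if tag != 1 or length is None:     # first non-PKESK packet: encrypted data begins
            break
        version, key_id, algo = buf[start], buf[start + 1:start + 9], buf[start + 9]
        if version == 3:
            # An all-zero key ID is a hidden recipient (gpg --throw-keyids).
            out.append((key_id.hex().upper(), PK_ALGOS.get(algo, f"algo {algo}")))
        pos = start + length
    return out

def make_pkesk(key_id_hex, bits=2047):
    """Build a constructed v3 RSA PKESK packet with a filler MPI (not real ciphertext)."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x01" + bits.to_bytes(2, "big") + b"\xAA" * 256
    return b"\x85" + len(body).to_bytes(2, "big") + body   # old format, tag 1, 2-octet length

# Constructed sample: two PKESK packets carrying the key IDs from the pgpdump
# output above, followed by a stub encrypted-data packet (tag 18).
SAMPLE = make_pkesk("7DC4274AF9015496") + make_pkesk("A306C37B495CA15B") + b"\xd2\x01\x01"

if __name__ == "__main__":
    for key_id, algo in list_recipients(SAMPLE):
        print(f"encrypted with {algo} key, ID {key_id}")
```

Turning each key ID into a user ID, or reporting that a matching secret key is present, requires a keyring lookup, which this sketch leaves out.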