Is it possible to force decryption with the wrong key type

Werner Koch wk at gnupg.org
Fri Jun 5 17:33:07 CEST 2009


On Fri,  5 Jun 2009 14:41, lists at michel-messerschmidt.de said:

> I don't think gpg has a problem identifying and finding the secret key,
> but it refuses to decrypt a message with a key that had no encryption 
> capability set during key creation.

Your secret key is on a card?  Right, then it would not work.  The
reason is that gpg would ask you to insert all your cards one after the
other to try to decrypt something.  This would be too tedious.  If you
want to change it, find the code below in g10/pubkey-enc.c, function
get_session_key:

	for(;;) {
	    if( sk )
		free_secret_key( sk );
	    sk = xmalloc_clear( sizeof *sk );
	    rc=enum_secret_keys( &enum_context, sk, 1, 0);
	    if( rc ) {
		rc = G10ERR_NO_SECKEY;
		break;
	    }

and change the last parameter to enum_secret_keys from 0 to 1.  From
looking at the code, this should work.  Let us know if that is indeed
the case and I'll add another option.


Salam-Shalom,

   Werner



-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.
