GnuPG encryption with key file
David Shaw
dshaw at jabberwocky.com
Thu Mar 27 14:35:21 CET 2014
On Mar 26, 2014, at 5:37 PM, ------ ------ <postpics123 at gmail.com> wrote:
> Hi,
> is it possible to encrypt a file with a symmetric cipher (e.g., AES256) using a key file (e.g., a binary file) instead of a password?
Not really, but you can sort of weakly approximate it via something like this:
base64 -w0 binary-file-for-passphrase | gpg --passphase-fd 0 --symmetric file-to-encrypt
Limitations of the method are that it's not really using the binary file as a key, but rather as a passphrase (so it gets the usual hash treatment), and there is a size limit on how large the passphrase can be (it's in the thousands of characters, but there is a limit). The reason for the base64 is that passphrase-fd stops reading after \n for obvious reasons, and text passphrases can't have \0 in them, so a naturally-occuring \n or \0 in the binary file will truncate your "passphrase". Same reason for the -w0, which tells base64 not to add any \n of its own.
David
More information about the Gnupg-users
mailing list