Problem with GPG and remailers

Werner Koch
Tue, 1 Aug 2000 14:52:07 +0200

On Tue, 1 Aug 2000, Matthias Urlichs wrote:

> Apparently, the remailer uses the key ID of the main signature in the
> pubkey enc packet instead of the key ID of the subkey that it actually
> used.
Right. GnuPG can't find the key because the key ID is the primary key which is a sign-only key. There is no way to change this behaviour becuase it is possible to use a encryption capable key for the primary key but still use a subkey for encryption. A workaround is to set the key ID in the received message to 0 which will force gpg to try all available secret keys in turn. If you invent a name for an override option I can easily implement this. In g10/pubkey.c you see this: int get_session_key( PKT_pubkey_enc *k, DEK *dek ) { [....] if( k->keyid[0] || k->keyid[1] ) { sk = m_alloc_clear( sizeof *sk ); if you make this part evaluate to false you are done. Werner -- Werner Koch GnuPG key: 621CC013 OpenIT GmbH