Problem with GPG and remailers
Werner Koch
wk@gnupg.org
Tue, 1 Aug 2000 14:52:07 +0200
On Tue, 1 Aug 2000, Matthias Urlichs wrote:
> Apparently, the remailer uses the key ID of the main signature in the
> pubkey enc packet instead of the key ID of the subkey that it actually
> used.
Right. GnuPG can't find the key because the key ID is the primary key
which is a sign-only key. There is no way to change this behaviour
because it is possible to use an encryption capable key for the primary
key but still use a subkey for encryption.
A workaround is to set the key ID in the received message to 0 which
will force gpg to try all available secret keys in turn. If you
invent a name for an override option I can easily implement this.
In g10/pubkey.c you see this:

    int
    get_session_key( PKT_pubkey_enc *k, DEK *dek )
    {
        [....]
        if( k->keyid[0] || k->keyid[1] ) {
            sk = m_alloc_clear( sizeof *sk );

if you make this part evaluate to false you are done.
Werner
--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de
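
The workaround described in the message above (setting the key ID in the received message to 0), sketched as an added example; this is not code from the original post or from GnuPG. It assumes a binary (not ASCII-armored) message already in memory and the OpenPGP layout of a pubkey-enc packet (tag 1: version 3, 8-byte key ID, algorithm octet); the function names and the sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample, not real ciphertext: old-format tag 1 packet (key ID
 * 1122334455667788, algo 16, dummy data), then a tag 9 packet of
 * indeterminate length. */
unsigned char sample_msg[] = {
    0x84, 0x0c, 0x03, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
    0x10, 0x00, 0x00, 0xa7, 0xde, 0xad };

/* Parse one packet header. Returns its length, or 0 when the header is
 * malformed or has a partial/indeterminate/4-octet length (walk stops). */
static size_t pkt_header(const unsigned char *p, size_t n, int *tag, size_t *blen)
{
    if (n < 2 || !(p[0] & 0x80)) return 0;
    if (p[0] & 0x40) {                        /* new-format header */
        *tag = p[0] & 0x3f;
        if (p[1] < 192) { *blen = p[1]; return 2; }
        if (p[1] >= 224 || n < 3) return 0;
        *blen = ((size_t)(p[1] - 192) << 8) + p[2] + 192;
        return 3;
    }
    *tag = (p[0] >> 2) & 0x0f;                /* old-format header */
    if ((p[0] & 3) == 0) { *blen = p[1]; return 2; }
    if ((p[0] & 3) != 1 || n < 3) return 0;
    *blen = ((size_t)p[1] << 8) | p[2];
    return 3;
}

/* Zero the key ID in each leading pubkey-enc packet (tag 1, version 3) of a
 * binary message held in memory. Returns the number of packets changed. */
int zero_pubkey_enc_keyids(unsigned char *msg, size_t len)
{
    size_t off = 0, hlen, blen;
    int tag, changed = 0;

    while (off < len && (hlen = pkt_header(msg + off, len - off, &tag, &blen))) {
        unsigned char *body = msg + off + hlen;
        if (tag != 1 || blen > len - off - hlen)
            break;                            /* other packet, or truncated */
        if (blen >= 10 && body[0] == 3) {     /* version, key ID[8], algo */
            memset(body + 1, 0, 8);
            changed++;
        }
        off += hlen + blen;
    }
    return changed;
}

int main(void) { return zero_pubkey_enc_keyids(sample_msg, sizeof sample_msg) == 1 ? 0 : 1; }
```

Only the eight key ID octets change; the algorithm octet and the encrypted session key that follow are left as received.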