Retrieving signature from message that was encrypted and signed
in one step
Patrick Chkoreff
patrick at fexl.com
Tue Apr 19 06:07:23 CEST 2005
On Apr 18, 2005, at 8:10 PM, Atom Smasher wrote:
> for now, the only way to do it is to extract the session key from the
> message (--show-session-key) and send that along with the encrypted
> message to your 3rd party. they can use "--override-session-key" to
> decrypt the message and verify the signature.
How neat, thanks for the pointer. Fortunately I do not intend to use
this feature routinely, it would only be for rare cases where a dispute
might arise.
But yes, the feature does work as you describe.
For example:
% gpg --show-session-key <msg.txt
...
Enter passphrase:
gpg: session key: "2:2622FADA5418975E1FA98A1C57913EB2283E115156155BC6"
Then:
% gpg --decrypt --override-session-key \
"2:2622FADA5418975E1FA98A1C57913EB2283E115156155BC6" <msg.txt
Here is a message which Patrick Chkoreff
encrypted and signed in one step.
gpg: Signature made Mon Apr 18 23:53:12 2005 EDT using DSA key ID
E8754C0B
gpg: Good signature from "Patrick Chkoreff <patrick at fexl.com>"
> in most cases the session key should be encrypted (to your 3rd party),
> because anyone who gets a hold of the session key can read the
> message.
Sure, I would have the option of disclosing the session key to anyone
or everyone.
Thanks again!
Best Regards,
Patrick
More information about the Gnupg-users
mailing list