feature request // option during decryption of 'hidden recipient' encryptions

vedaal at hush.com
Mon May 15 22:29:15 CEST 2006


currently, (1.4.3),
for decryption of a message done with the throw-keyids, or
hidden-recipient options,

gnupg asks for one passphrase, and then tries all the secret keys 
with the same passphrase, 
and if the passphrase is the correct one for one of the keys, but 
not for the 'real' hidden recipient key,
gnupg gives a 'failed decryption' message, but without giving the 
user a chance to try another passphrase for another key without 
starting all over again

could there be an option for trying each secret key individually?

i.e.
gnupg would prompt with the first key in the secret keyring,
and if that were the real hidden recipient, and the passphrase were 
correct,
then gnupg would decrypt,
otherwise gnupg would give an error message of :

'cannot decrypt using this key, trying next key in the secret ring'
enter passphrase: 

(also,
when prompting for the passphrase of a key, can gnupg list both the
keyid and the username,
instead of just the keyid?)

currently, gnupg does the following:

gpg: public key is 00000000
gpg: anonymous recipient; trying secret key (key id ) ...
Enter passphrase:

(n.b.
this is already being done this way by the winpt front end (0.12.0)

winpt prompts for each secret key in succession,
and does so with both the keyid and the user name)

just thought it would be much quicker and more convenient if the 
same were possible from the command line ...


TIA,

vedaal


