getting an encrypted file to show what public key was used

Hauke Laging mailinglisten at hauke-laging.de
Tue May 29 17:31:40 CEST 2012


On Tue 29.05.2012, 09:45:48, Steven Lefevre wrote:

> Beginning GPG Decryption
> Using current version of GNUPG
> gpg: encrypted with 2048-bit ELG-E key, ID F1940956, created 2002-04-25
>       "Different Public Key <another_key at another_company.com>"
> gpg: decryption failed: secret key not available
> 
> However, when I try to decrypt the file I'm sending them, without the
> key, I get simply
> 
> $> gpg --decrypt sensitive_file.gpg
> gpg: encrypted with ELG-E key, ID F1940956
> gpg: decryption failed: secret key not available

Was this attempt made in the same GnuPG environment as the encoding, or was one
within PHP and the other one under your regular user account?

GnuPG does not report UIDs if the key is not available in the keyring. The 
error message tells us that the key which you have encoded for (0xF1940956 (or 
its main key), "Different Public Key <another_key at another_company.com>") is 
part of the decoding system's keyring, but only the public key. So you encode 
for the wrong key.


> I want gpg to report the email address of the key used to encrypt the
> file, like in the error message I'm getting from the remote host. I
> want to see "Different Public Key <another_key at another_company.com>",
> like in their error message. But my gpg doesn't report that.

You have to import the respective key in order to get that information.


> Is the name of the public key really encoded into the encrypted file?

No, just the (long) ID of the used key (i.e. possibly a subkey).


> How can I see the name of the public key that encrypted the file? Am I
> missing a switch?

You can search the keyservers for subkeys, too.

gpg --keyserver pool.sks-keyservers.net --search-keys 0xF1940956


I am confused by Robert's short ID collision hint but my remarks should be 
correct anyway.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
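
The reply above states that the encrypted file carries only the long key ID, not the user ID. As an added illustration (not part of the original message), this Python parser walks the packets of a binary, non-armored OpenPGP message per RFC 4880 and returns the recipient key ID and algorithm from each public-key encrypted session key packet. The sample bytes are constructed; only the low 32 bits of the key ID match the short ID quoted in the post.

```python
PUBKEY_ALGOS = {1: "RSA", 16: "ELG-E", 18: "ECDH"}  # RFC 4880 / RFC 6637 algorithm ids

def read_packets(data):
    """Yield (tag, body) for each OpenPGP packet that has a definite length."""
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header (armored input?)")
        pos += 1
        if hdr & 0x40:                        # new-format header
            tag, first = hdr & 0x3F, data[pos]
            if first < 192:                   # one-octet length
                length, pos = first, pos + 1
            elif first < 224:                 # two-octet length
                length, pos = ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif first == 255:                # five-octet length
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:
                return                        # partial body length: stop parsing
        else:                                 # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                return                        # indeterminate length: stop parsing
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(data[pos:pos + size], "big")
            pos += size
        yield tag, data[pos:pos + length]
        pos += length

def recipients(data):
    """Return [(long_key_id_hex, algorithm)] from version 3 PKESK packets (tag 1)."""
    found = []
    for tag, body in read_packets(data):
        if tag == 1 and len(body) >= 10 and body[0] == 3:
            algo = PUBKEY_ALGOS.get(body[9], f"algo {body[9]}")
            found.append((body[1:9].hex().upper(), algo))
    return found

# Constructed sample: an old-format PKESK packet (version 3, 8-byte key ID,
# algorithm 16, stub MPI) followed by a 1-byte encrypted-data packet (tag 18).
SAMPLE = bytes.fromhex("85000c" "03" "00112233f1940956" "10" "0000" "d201" "01")

if __name__ == "__main__":
    for key_id, algo in recipients(SAMPLE):
        print(f"encrypted to {algo} key, long ID {key_id} (no user ID in the file)")
```

The name gpg prints next to the ID comes from looking that key ID up in the local keyring, which is why it appears only where the key has been imported.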