Decrypting multiple encrypted blocks on one stream using GPG

Fiedler Roman Roman.Fiedler at
Thu Jul 7 11:32:30 CEST 2016

Hello List,

I'm trying to use gnupg to solve a use case similar to the one depicted in
[1], but the workaround from [1] is not suitable, because:

* Each file I have is larger than the machine holding the keys
* The keys cannot be moved
* The streams will take hours/days to decrypt so no interruption is

I would use the following scheme to solve it:

* Have wrapper passing stdin (fd=0) unmodified to newly forked gnupg
* Read passwords from tty not stdin

If I understand correctly, gnupg will not overread on stdin, so no packet
headers will be consumed on error by previous gnupg process on error after
finishing the payload packet.

A problem that remains: I have to make gnupg ask for each key password
indefinitely long. As gnupg needs to read the header to find the correct
private key, termination after the 3rd password would break the stream. Is
there any way to make gpg repeat the password question over and over?

Not yet applicable, but perhaps for next level: Same for keyring with
multiple keys, but where encrypted content was created with



DI Roman Fiedler
Digital Safety & Security Department
Assistive Healthcare Information Technology

AIT Austrian Institute of Technology GmbH
Reininghausstraße 13/1 | 8020 Graz | Austria
T +43(0) 50550 2957 | M +43(0) 664 8561599 | F +43(0) 50550 2950
roman.fiedler at |

FN: 115980 i HG Wien  |  UID: ATU14703506
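
The hand-off scheme in the message above only works if each forked child stops reading exactly at the end of its own block, because bytes pulled into a child's private buffer are gone when it exits. The following added example (not part of the original post, and not using gpg) shows this with a stand-in child and a constructed length-prefixed framing; `run_chain`, `frame` and both child scripts are hypothetical names, and nothing here asserts how gnupg itself reads stdin.

```python
import os
import struct
import subprocess
import sys

# Stand-in child (NOT gpg): reads one length-prefixed block from the inherited
# fd 0 with unbuffered reads, so it never takes bytes past its own block.
CHILD_EXACT = r"""
import os, struct, sys
def read_exact(n):
    buf = b""
    while len(buf) < n:
        chunk = os.read(0, n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf
hdr = read_exact(4)
if len(hdr) < 4:
    sys.exit(3)               # clean end of stream
(n,) = struct.unpack(">I", hdr)
os.write(1, read_exact(n))
"""

# Same child, but reading through a BufferedReader that reads ahead.
CHILD_BUFFERED = r"""
import struct, sys
inp = sys.stdin.buffer
hdr = inp.read(4)             # pulls everything available into a private buffer
if len(hdr) < 4:
    sys.exit(3)
(n,) = struct.unpack(">I", hdr)
sys.stdout.buffer.write(inp.read(n))
"""

def frame(payload):
    """Constructed framing for the demo: 4-byte big-endian length + payload."""
    return struct.pack(">I", len(payload)) + payload

def run_chain(stream, child_code):
    """Wrapper: fork one child per block, all sharing the same stdin pipe."""
    r, w = os.pipe()
    os.write(w, stream)       # demo stream is small enough for the pipe buffer
    os.close(w)
    recovered = []
    while True:
        p = subprocess.run([sys.executable, "-c", child_code],
                           stdin=r, stdout=subprocess.PIPE)
        if p.returncode != 0:  # child saw end of stream
            os.close(r)
            return recovered
        recovered.append(p.stdout)
```

With the exact-read child every block is recovered in order; with the buffered child the first process swallows the headers of the following blocks and the rest of the stream is lost to later children.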