decrypt aes256 encrypted file without gpg-agent
Werner Koch
wk at gnupg.org
Mon Jun 29 11:49:13 CEST 2020
On Sun, 28 Jun 2020 16:24, Robert J. Hansen said:
> GnuPG sees the symmetrically encrypted message and knows it needs to
> recover/derive a key. It calls gpg-agent, which in turn calls pinentry.
In addition gpg-agent also takes care of caching passphrases which makes
even symmetrically encryption more convenient. It is also used to
figure out a suitable number of hash iteration to make new symmetric
passphrase encryption stronger - this can't be done by a plain command
line tool.
In theory it is possible to pass a set of option to avoid the use of
gpg-agent for plain symmetric encryption but as soon as any pubkey key
is used as an alternative to the symmetric encryption the agent is
required to check whether a private key exists. From engineering and
security POVs it does not make sense to special case very rare use
cases.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200629/f6dfd17e/attachment.sig>
More information about the Gnupg-users
mailing list