Finding all files encrypted with a certain key

[Werner Koch]

On Tue, 24 Oct 2023 11:38, Felix E. Klee said:
> For the purpose of re-encryption with a new key, I’d like to find all
> files that are encrypted with my key BEF6EFD38FE8DCA0. All encrypted
> files, independent of key, have the extension `.gpg`.
>
> How do I do that for a massive directory tree?

AMybe something like this

encrypted-to-me-p.sh
--8<---------------cut here---------------start------------->8---
#/bin/sh
gpg -d  --status-fd 1 -o /dev/null 2>/dev/null "$1" | awk '
$1=="[GNUPG:]" && $2=="ENC_TO" && $3=="BEF6EFD38FE8DCA0" {print $1; exit 0}'
--8<---------------cut here---------------end--------------->8---


find /foo -type f -name '*.gpg' -print0 | xargs -0 -n1 encrypted-to-me-p.sh

Best done with a keyring which does not hold any keys.  Does not catch
files which have hidden recipients.  Note that you need to test for the
subkey because that is the only information available in the encrypted
files.

Using --list-packets or pgpdump might be better but those have no stable
API.


Salam-Shalom,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 243 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20231024/7398dc11/attachment-0001.sig>