Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: users

batch decryption key identification

 

 

GnuPG users RSS feed   Index | Next | Previous | View Threaded


jw72253 at verizon

Oct 31, 2011, 7:20 PM

Post #1 of 2 (432 views)
Permalink
batch decryption key identification

Hello. On this website
(http://www.gnupg.org/faq/GnuPG-FAQ.html#how-can-i-get-list-of-key-ids-used-
to-encrypt-a-message) I found this FAQ and answer:

Question: How can I get list of key IDs used to encrypt a message?

$ gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null | \
awk '/^\[GNUPG:\] ENC_TO / { print $3 }'


As it relates in part to my original question below, I want to ask about
this in more detail. Knowing which particular key was used for encryption
would allow me to pinpoint which of the several keys on a key-ring to use
for decryption and would help save much time and effort in the process when
looking at a batch of messages.

I am not a programmer, but I can see that the above command uses the program
'awk' to identify the key used; and I understand that the Gnu program 'gawk'
has equivalent functionality. I have two questions about it. First, using
the above command, whereabouts should I put the "path/filenames.asc" in it
for the command to analyze for decryption, and should I put any other
unlisted parameters in the command for it to complete? I tried testing it
like this:

gpg --batch --decrypt <filename.asc> --list-only --status-fd 1

But I saw nothing output on the screen related to the key used on the file.
The 'filename.asc' tested was just an individual encrypted file, but I later
intend to use this on a batch of files named such as 'path/*.asc'.

Secondly, are the 'gawk' program commands equivalent to the above listed awk
commands, or will I need to alter it in some way? Thanks.

John



-----Original Message-----
From: gnupg-users-bounces [at] gnupg [mailto:gnupg-users-bounces [at] gnupg]
On Behalf Of gnupg-users-request [at] gnupg
Sent: Tuesday, October 11, 2011 2:58 AM
To: gnupg-users [at] gnupg
Subject: Gnupg-users Digest, Vol 97, Issue 9

[snip]

Message: 8
Date: Tue, 11 Oct 2011 09:35:30 +0200
From: Werner Koch <wk [at] gnupg>
To: "John A. Wallace" <jw72253 [at] verizon>
Cc: gnupg-users [at] gnupg
Subject: Re: key selection in batch decryptions
Message-ID: <87sjn07zgd.fsf [at] vigenere>
Content-Type: text/plain; charset=us-ascii

On Mon, 10 Oct 2011 23:18, jw72253 [at] verizon said:

> keys in turn. Is there a way to tell gpg to use just one of the keys if
> any? I have tried specifying this as one of the options "-u userID", but
it

No there is no way to do this.

The best suggestion for all automated systems is not to use a
passphrase. If you really want a passphrase and you require full
control over it you have three choices:

- Write your own pinentry and send CANCEL back until the desired
passphrase is requested. Then send the right passphrase.

- Write a simple pinentry to always send a CANCEL back (GnuPG 2.1 will
have an option to emulate this). The use gpg-preset-passphrase to
seed gpg-agent with the desired passphrase.

- Use --status-fd/--command-fd. These options allow you to
pass a passphrase to gpg entirely under script control. They work
even with GnuPG 1.4.





_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jw72253 at verizon

Nov 1, 2011, 8:26 PM

Post #2 of 2 (402 views)
Permalink
batch decryption key Identification [In reply to]

>
> Message: 7
> Date: Mon, 31 Oct 2011 21:20:24 -0500
> From: "John A. Wallace" <jw72253 [at] verizon>
> To: <gnupg-users [at] gnupg>
> Subject: batch decryption key identification
> Message-ID: <000001cc983c$d0fccd30$72f66790$@net>
> Content-Type: text/plain; charset=us-ascii
>
> Hello. On this website
>
(http://www.gnupg.org/faq/GnuPG-FAQ.html#how-can-i-get-list-of-key-ids-used-
> to-encrypt-a-message) I found this FAQ and answer:
>
> Question: How can I get list of key IDs used to encrypt a message?
>
> $ gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null | \
> awk '/^\[GNUPG:\] ENC_TO / { print $3 }'
>
>
> As it relates in part to my original question below, I want to ask about
> this in more detail. Knowing which particular key was used for encryption
> would allow me to pinpoint which of the several keys on a key-ring to use
> for decryption and would help save much time and effort in the process
when
> looking at a batch of messages.
>
> I am not a programmer, but I can see that the above command uses the
program
> 'awk' to identify the key used; and I understand that the Gnu program
'gawk'
> has equivalent functionality. I have two questions about it. First, using
> the above command, whereabouts should I put the "path/filenames.asc" in it
> for the command to analyze for decryption, and should I put any other
> unlisted parameters in the command for it to complete? I tried testing it
> like this:
>
> gpg --batch --decrypt <filename.asc> --list-only --status-fd 1
>
> But I saw nothing output on the screen related to the key used on the
file.
[snip]

I found, after fiddling with this a bit and looking at some documentation
online, that the problem is with the posted answer to the FAQ. For the
above command to work as intended, it needs to have the part "--decrypt
<filename.asc>" moved to the end of the line. The Options are supposed to
precede the Commands. Once moved to the end, the command's output does in
fact show me the information about which key it was encrypted to, assuming
that I have the key on my key-ring and that it was not a hidden recipient.

John


> Secondly, are the 'gawk' program commands equivalent to the above listed
awk
> commands, or will I need to alter it in some way? Thanks.
>
> John





_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.