On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote:
> Hello all,
>
> recently I received a message which is encrypted with my public
> authentication key instead of my encryption key.
>
> I wonder how this can happen, because I thought GnuPG does not use the
> authentication key as encryption key. Am I wrong?
>
> Further, I am not able to decrypt the message. I tried it manually with
> "--try-all-secrets", but it doesn't seem to work. Basically it should
> work. I mean, I have the authentication private key.

This is unfortunately turning into a FAQ. Basically, you've run into an old PGP bug. It was recently fixed (I don't recall exactly in what version), but there are countless installations of PGP that predate the fix.

OpenPGP keys have "key flags" that indicate what a key is to be used for (encryption, signing, or authentication). GnuPG honors these flags and will not encrypt to any key that isn't marked for encryption. The bug is that PGP is not properly looking at the key and will happily encrypt to a signing or authentication key.

As to what you can do about it, your best bet is to contact the sender and ask for a retransmission encrypted to the proper key. It might be possible to write a program that can essentially trick the smartcard into decrypting the message by pretending it is a signature that needs to be verified, but it depends on how exactly the card handles signatures. In any event, no such program exists today.

David

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
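
The key-flag check described in the reply above, as an added example that is not part of the original message and is not GnuPG's or PGP's code: it reads the Key Flags subpacket (type 27, RFC 4880) from a signature subpacket area and refuses to encrypt to a key that is not marked for encryption. The function names, the sample byte strings and the handling of a key with no flags subpacket are assumptions of this example.

```python
import struct

# Key-flag bits, RFC 4880 section 5.2.3.21 (first octet of subpacket type 27).
FLAG_NAMES = {0x01: "certify", 0x02: "sign", 0x04: "encrypt-communications",
              0x08: "encrypt-storage", 0x20: "authenticate"}
KEY_FLAGS_TYPE = 27
ENCRYPT_BITS = 0x04 | 0x08

def iter_subpackets(area: bytes):
    """Yield (type, body) for each subpacket in a v4 signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        hdr = 1 if first < 192 else 2 if first < 255 else 5  # length-field size
        if i + hdr > len(area):
            raise ValueError("truncated subpacket length")
        length = (first if hdr == 1 else
                  ((first - 192) << 8) + area[i + 1] + 192 if hdr == 2 else
                  struct.unpack(">I", area[i + 1:i + 5])[0])
        i += hdr
        if length < 1 or i + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]  # mask off the critical bit
        i += length

def key_flags(area: bytes):
    """Return the first key-flags octet, or None if the subpacket is absent."""
    for sp_type, body in iter_subpackets(area):
        if sp_type == KEY_FLAGS_TYPE and body:
            return body[0]
    return None

def flag_names(flags: int):
    return [name for bit, name in sorted(FLAG_NAMES.items()) if flags & bit]

def may_encrypt_to(area: bytes) -> bool:
    """True only if the key's flags include an encryption bit."""
    # Assumption of this example: a key with no flags subpacket is allowed.
    flags = key_flags(area)
    return flags is None or bool(flags & ENCRYPT_BITS)

# Constructed subpacket areas: creation time (type 2) followed by key flags.
CREATED = bytes([5, 2]) + struct.pack(">I", 1148840654)
AUTH_SUBKEY = CREATED + bytes([2, 27, 0x20])
ENCR_SUBKEY = CREATED + bytes([2, 27, 0x0C])

if __name__ == "__main__":
    for label, area in (("auth", AUTH_SUBKEY), ("encr", ENCR_SUBKEY)):
        print(label, flag_names(key_flags(area)), may_encrypt_to(area))
```

A sender that skips the `may_encrypt_to` step behaves like the PGP versions described in the reply and will encrypt to the authentication subkey.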
