On Mar 5, 2010, at 9:51 AM, Nicolas Boullis wrote:

> On Thu, Mar 04, 2010 at 06:13:17PM -0500, David Shaw wrote:
>> On Mar 4, 2010, at 4:34 PM, Nicolas Boullis wrote:
>>
>>> Reading RFC 4880 (OpenPGP standard), if I am able to decrypt the session
>>> key, it should be possible to create a new Public-Key Encrypted Session
>>> Key packet to allow a new key to decrypt the file/message. Removing a
>>> Public-Key Encrypted Session Key should also be trivial.
>>
>> Yes.
>>
>>> Does gnupg allow such manipulations?
>>
>> No.
>>
>>> Or does anyone have suggestions how I should implement this? Libraries
>>> to use?
>>
>> You might be able to hack something together using the GnuPG sources.
>> Certainly all of the parts you need are in there - you'd just have to
>> put them together.
>
> OK, thanks for your answer.
> I will now have a look at how things are organised in GnuPG code.
> Would you suggest that I look at the GnuPG 1 or GnuPG 2 code?

I'd look at the GnuPG 2 code, or more specifically, the GnuPG 2 code plus libgcrypt (the crypto library that GnuPG 2 uses). This allows you to more easily write something standalone outside of GnuPG.

> And if I succeed to implement this correctly, do you think the feature
> might be merged in GnuPG?

I don't know if this is a generally useful thing (you're not the first person to suggest this, but you are not more than the 3rd in the past 5-8 years or so). Each additional feature adds complexity to the code base. If you are going to write something, I'd recommend a standalone tool using libgcrypt for the crypto part. That way the feature exists, and it doesn't have to be carried along with GPG. That's what I did when I wrote 'paperkey'. It could have been part of GPG (as a new output format), but it didn't really make sense as a built in.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
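
The packet-level manipulation discussed in this thread, as an added example that is not part of the original messages and is not GnuPG code: a Python walker over RFC 4880 packet headers that lists the key IDs named by the Public-Key Encrypted Session Key (tag 1) packets of a binary, non-armored message and copies the message without the packet for one key ID. The function names, key IDs and sample bytes are constructed for illustration.

```python
PKESK = 1  # RFC 4880 tag: Public-Key Encrypted Session Key packet

def _new_len(d, i):
    """Decode one new-format length header at i -> (length, next_i, partial)."""
    o = d[i]
    if o < 192:
        return o, i + 1, False
    if o < 224:
        return ((o - 192) << 8) + d[i + 1] + 192, i + 2, False
    if o == 255:
        return int.from_bytes(d[i + 1:i + 5], "big"), i + 5, False
    return 1 << (o & 0x1F), i + 1, True  # partial body length chunk

def packets(d):
    """Yield (tag, start, end, body) for each packet of a binary OpenPGP message."""
    i = 0
    while i < len(d):
        start, hdr, body = i, d[i], b""
        if not hdr & 0x80:
            raise ValueError(f"no packet header at offset {i}")
        i += 1
        if hdr & 0x40:  # new-format header, possibly split into partial chunks
            tag, partial = hdr & 0x3F, True
            while partial:
                n, i, partial = _new_len(d, i)
                body, i = body + d[i:i + n], i + n
        else:  # old-format header; length type 3 means "to end of input"
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            size = 0 if ltype == 3 else 1 << ltype
            n = len(d) - i if ltype == 3 else int.from_bytes(d[i:i + size], "big")
            i += size
            body, i = d[i:i + n], i + n
        if i > len(d):
            raise ValueError(f"truncated packet at offset {start}")
        yield tag, start, i, body

def recipients(d):
    """Key IDs named by PKESK packets (body: version, 8-byte key ID, algo, MPIs)."""
    return [b[1:9].hex().upper() for t, _, _, b in packets(d) if t == PKESK]

def drop_recipient(d, key_id):
    """Copy every packet except the PKESK addressed to key_id."""
    return b"".join(d[s:e] for t, s, e, b in packets(d)
                    if not (t == PKESK and b[1:9].hex().upper() == key_id.upper()))

# Constructed sample: two PKESK packets (new- and old-format headers), then a
# tag-18 encrypted data packet holding placeholder bytes. Key IDs are made up.
def _pkesk(key_id, hdr):
    body = b"\x03" + bytes.fromhex(key_id) + b"\x01\x00\x10\xAB\xCD"
    return hdr + bytes([len(body)]) + body

SAMPLE = (_pkesk("1111111111111111", b"\xC1") + _pkesk("2222222222222222", b"\x84")
          + b"\xD2\x05\x01\xDE\xAD\xBE\xEF")
```

Removing a packet leaves the session key and the encrypted data unchanged, so anyone who kept the original message or the session key can still decrypt it. Adding a recipient also requires recovering the session key and encrypting it to the new public key, which this example does not cover.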