Hi, Some time ago, I decided to revoke my old ElGamal encryption key and replace it with a new RSA one, that I keep stored on a smartcard. (The goal is to be ale to decrypt some messages/files with my laptop, but not have my keys compromised if it gets lost/stolen.)
The trouble is that I have a bunch of old messages/files, encrypted fr my old ElGamal key: I can't decrypt them on my laptop usig my smartcard. So now, on a machine that has my old ElGamal secret key, I'd like to modify those messages/files to make it possible to decrypt them using my new RSA key. I don't like the naive solution "gpg --decrypt | gpg --encrypt" because: - I would lose the signatures of messages/files that are both encrypted and signed, - it requires to decrypt/encrypt the whole data whie it should be sufficient to decrypt/encrypt the session key. Reading RFC 4880 (OpenPGP standard), if I am able to decrypt the session key, it should be possible to create a new Public-Key Encrypted Session Key packet to allow a new key to decrypt the file/message. Removing a Public-Key Encrypted Session Key should also be trivial. Does gnupg allow such manipulations? Or does anyone have suggestions how I should implement this? Libraries to use? I imagine such manipulations might also be interesting for things like encryped mailing-lists... Regards, -- Nicolas Boullis, happy gnupg user for more than 8 years
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
