How to decrypt using the sender public key #435

Open
sydneywu opened this issue Apr 24, 2023 · 1 comment

Comments

@sydneywu

This is a similar question to topic 288. #288.

The PGP standard requires 2 sets of keys for encryption and 2 sets of keys for decryption. Quote from this guide:
https://www.howtogeek.com/427982/how-to-encrypt-and-decrypt-files-with-gpg-on-linux/
"To send a file securely, you encrypt it with your private key and the recipient’s public key. To decrypt the file, they need their private key and your public key."

The guide only shows decryption using the recipient's private key. How do we also load the sender's public key, on top of the recipient's private key, to decrypt the text?

(Background: I was trying to use this library to integrate with a bank which sends text encrypted using PGP. I realized it was not decrypting properly and the result was gibberish. I tried to use GPG on Linux to decrypt. I had to import my private key and the sender's public key and I was able to decrypt it correctly using the GPG command.)

@dkg
Contributor

dkg commented Jul 22, 2023

The howtogeek article that you link to is simply wrong. To decrypt the file, the recipient needs their private key. They only need the sender's public key if they want to verify a signature that the sender made. You can decrypt without verifying the signature.

If the sender is expecting to decrypt the message themselves later (e.g. from a sent folder), then they need to have encrypted the message to both the recipient's public encryption key and to their own public encryption key.
At that point, the sender can decrypt it by using their own secret. (see also "Reading Sent Messages" in draft-ietf-lamps-e2e-mail-guidance)

I recommend closing this bug report as it's not clear there's anything to do to resolve it.

@sydneywu if you have another use case that you want to work through, it might be easier to try to produce a sample environment (e.g. dummy keys and certificates) and include them in the bug report, along with a specific description of what you wanted to happen, what you tried, specifically, and how it failed.
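
The key roles described in the reply above, reproduced with the `gpg` command line as an added example (not part of the original thread and not this library's API). It assumes GnuPG 2.1 or later; the keys are throwaway ones in temporary keyrings, and the user IDs, message text and function names are constructed for the demo.

```shell
#!/bin/sh
# Added demo with constructed data: throwaway keys in temporary keyrings.
# Assumes GnuPG 2.1+; user IDs, message text and helper names are made up.
MSG='constructed test message'

g() { home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

newkey() {  # $1 = homedir, $2 = user ID; unprotected key pair, no expiry
  g "$1" --pinentry-mode loopback --passphrase '' \
    --quick-generate-key "$2" default default never 2>/dev/null
}

sig_state() {  # classify the signature result from a --status-fd log
  if grep -q ' GOODSIG ' "$1"; then echo good
  elif grep -q ' NO_PUBKEY ' "$1"; then echo unverifiable
  else echo unsigned-or-bad; fi
}

demo() {
  work=$(mktemp -d) || return 1
  S=$work/sender R=$work/recipient
  mkdir -m 700 "$S" "$R"
  newkey "$S" 'Sender <sender@example.test>' || return 1
  newkey "$R" 'Recipient <recipient@example.test>' || return 1

  # Sender: sign with own secret key, encrypt to the recipient's PUBLIC key.
  g "$R" --export recipient@example.test | g "$S" --import
  printf '%s\n' "$MSG" | g "$S" --trust-model always \
    -r recipient@example.test -o "$work/msg.gpg" --sign --encrypt

  # Recipient holding only their own secret key: the plaintext is recovered.
  # gpg reports a signature-check error here, so its exit status is ignored.
  PLAIN_NO_KEY=$(g "$R" --status-fd 3 --decrypt "$work/msg.gpg" \
    3>"$work/st1" 2>/dev/null) || true
  SIG_NO_KEY=$(sig_state "$work/st1")

  # After importing the sender's public key the signature becomes verifiable.
  g "$S" --export sender@example.test | g "$R" --import
  PLAIN_WITH_KEY=$(g "$R" --status-fd 3 --decrypt "$work/msg.gpg" \
    3>"$work/st2" 2>/dev/null) || true
  SIG_WITH_KEY=$(sig_state "$work/st2")

  for h in "$S" "$R"; do gpgconf --homedir "$h" --kill gpg-agent; done
  rm -rf "$work"
}

demo
echo "without sender key: '$PLAIN_NO_KEY' (signature: $SIG_NO_KEY)"
echo "with sender key:    '$PLAIN_WITH_KEY' (signature: $SIG_WITH_KEY)"
```

A caller that must authenticate the sender should treat anything other than `good` as a failure, even though the plaintext was produced in both runs.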
