Hi Gaute-- On Wed 2016-07-13 09:26:18 +0200, Gaute Hope wrote:
Daniel Kahn Gillmor writes on juli 12, 2016 22:26:On Tue 2016-07-12 18:11:55 +0200, Gaute Hope wrote:I am trying to use GMime's GPG support. I can encrypt, decrypt and verify fine - but when I try to use the GMimeDecryptResult certificates to get a list of the recipients for the encrypted message, all fields but the 'keyid' are 0x0. Are these here only for convenience or how do I get them to load the rest of the key information?That implies that GnuPG doesn't have a copy of the signer's certificate.
Sorry, i believe i made a mistake here -- GMimeDecryptResult relates to other keys that this message claims to be encrypted to (in OpenPGP terms, there is a PKESK packet which contains the mentioned key ID). Please be aware that this is trivially-spoofable if you don't have the corresponding secret key, since the payload of the PKESK for a key you don't have should be indistinguishable from random noise. What version of GnuPG are you using with gmime? I believe gmime extracts this from gpg's status-fd, which prints something like: [GNUPG:] ENC_TO 10CD1274504738C1 1 0 [GNUPG:] ENC_TO A70A96E1439EA852 1 0 whether you have the corresponding secret keys or not.
I do have the keys locally though (I have them lsigned as well since I use them as recipients for encrypted messages), it does not work when I encrypt for myself.
whether they're lsigned or not shouldn't be an issue. are you sure
they're in the keyring available to the gmime process?
--dkg
Attachment:
signature.asc
Description: PGP signature