Page MenuHome GnuPG
Create Task
Maniphest T1825

Add a re-encrypt to additional key
Testing, HighPublic
Actions

Description

It is sometimes useful to have a long-term storage key and a feature in the MUA
to add an additional public key encrypted packet to a message which was
encrypted to a temporary key.

Revisions and Commits

rG GnuPG
rG600df5259db0 gpg: Detect duplicate keys with --add-recipients.
rGd528d0b06533 gpg: New commands --add-recipients and --change-recipients.
rG1695cf267edf gpg: New option --show-only-session-key
rM GPGME
rMcd79fc39736f core: New encryption flags GPGME_ENCRYPT_ADD_RECP and _CHG_RECP.

Related Objects

Event Timeline

werner added projects: Feature Request, gnupg.Feb 2 2015, 6:32 PM
werner added a subscriber: werner.
neal added a subscriber: neal.Jun 12 2015, 4:12 PM

Does encrypt-to/hidden-encrypt-to in gpg.conf do this?

neal added a comment.Nov 18 2015, 1:48 PM

I now see I misunderstood the problem description.

The point is that a user has a message that is encrypted to key X. After
receiving the message, he wants to allow another key (say Y) to decrypt the
message by adding a symmetrically encrypted data packet to the message for Y,
i.e., without reencrypting the whole thing.

werner added a comment.Dec 1 2015, 7:01 PM

Right, or for example to re-encrypt a message to a workmate.

werner edited projects, added gnupg24; removed gnupg.Jan 19 2023, 3:32 PM
werner added a comment.Apr 23 2024, 2:10 PM

Another important use-case is to provide a way to migrate to a newer smartcard.

werner added a project: Restricted Project.Apr 23 2024, 2:10 PM
werner raised the priority of this task from Normal to High.Jun 6 2024, 11:23 AM
werner added a commit: rG1695cf267edf: gpg: New option --show-only-session-key.Jun 24 2024, 4:31 PM
werner added a commit: rGd528d0b06533: gpg: New commands --add-recipients and --change-recipients..Sep 9 2024, 4:48 PM
werner added a comment.Sep 9 2024, 4:51 PM

This has now been implemented for gnupg26 for public key encryption. However, symmetric key encryption, a man page, and the gpgme support are missing right now.

werner added a commit: rMcd79fc39736f: core: New encryption flags GPGME_ENCRYPT_ADD_RECP and _CHG_RECP..Sep 9 2024, 5:49 PM
werner mentioned this in T7191: Release GnuPG 2.5.1.Sep 12 2024, 12:22 PM
werner mentioned this in T7376: Release GPGME 1.24.0.Nov 6 2024, 11:41 AM
ikloecker mentioned this in T7395: Prepare Release Notes for Gpg4win 4.4.0 for Kleopatra.Nov 14 2024, 9:23 AM
werner added a commit: rG600df5259db0: gpg: Detect duplicate keys with --add-recipients..Sep 26 2025, 4:25 PM
werner mentioned this in T7869: Release GnuPG 2.5.14.Wed, Oct 22, 2:18 PM
werner mentioned this in T7801: Release GnuPG 2.5.13.Wed, Oct 22, 2:21 PM
werner changed the task status from Open to Testing.Wed, Oct 22, 2:25 PM
werner edited projects, added gnupg26; removed gnupg24.
werner moved this task from Backlog to QA on the gnupg26 board.