Page MenuHome GnuPG

support symmetric encryption with multiple passphrases
Open, NormalPublic

Description

Hey.

The standard would allow for messages with multiple symmetrically encrypted session key packets and thus multiple passphrases.
Would be nice if this could be supported by gpg.

Cheers,
Chris.

Event Timeline

werner triaged this task as Normal priority.Aug 13 2021, 11:19 PM
werner added projects: gnupg, symmetric.
werner added a subscriber: werner.

I have no clear idea on how to style the UI for this feature. Technically it is simple but we need top query several passphrases. loopback mode with a list of passphrases might be easiest way to do that.

At first I've had simply tried to give multiple --symmetric options (which of course didn't work).

I guess this would also be a bad way for such a feature, cause it might break anything which already sets (probably accidentally) several --symmetric options and where this works just fine.

What about something like --symmetric-recipients=n ? The wording might not be perfect, cause technically these aren't concrete recipients,... but it would go along with the similar --recipient for pubkey encryption.

For --passphrase-fd and --passphrase-file one could make one password per line. For --passphrase perhaps multiple times that option with different values and/or multiple arguments to it? But that could in principle break compatibility.