OpenPGP Support

RobertM

Both 2016 and 17 encrypt to every public key I have, no matter who or how many recipients I choose. If I choose only one recipient, out of five possible recipients, the file will be encrypted to all five instead of just the one selected. Is this a bug or am I doing something wrong?

BigMike

I can confirm this, and there seems to be more work with the encryption of files :’(

• In the key selection dialog, I see other keys, than in my default key manager, so somehow, PowerArchiver uses its own keyring, but doesn’t sync it properly.
• I’m not able to display the trust values of the keys
• The back arrow in the key selection window has no function, the back arrow in the password window cancels the operation and closes the dialog (while a 0 byte file stays behind)
• The password dialog isn’t intuitive at all - it’s the dialog for creating a new password - you need to retype the password, you get a warning on weak passwords and a password policy is displayed. But actually, you need to enter the existing password of your private key
• It seems you can’'t create an encrypted file without signing it

bigdog

It definitely has issues with PGP and keys. I reported a bug well over a year ago about it not displaying the name on the key correctly and so far it has not been fixed.

I believe you always have to sign a file to encrypt it. That is part of the PGP standard.

RobertM

I’ll go ahead and share my other issue with the GnuPG support.

If I have more than one private key, I’m asked to enter a password (for signing) for each private key I have - even though I’ve selected only one signing key and only one is possible.

So here’s the drill:

Let’s say my keyring has ten public keys of others and two personal key-pairs of my own. I want to encrypt to one of my personal keys and one other key - and sign with one of my two private keys. So I choose myself and one other recipient, for a total of two recipients. Obviously I will have chosen only one of my two keys for signing. I will be asked to enter passwords for both of my private keys and the file will be encrypted to twelve recipients! My actual keyring is decades old and contains dozens of keys. Using it with PA is therefore impractical.

As for making signing of files compulsory, all I will say is that most, if not all, GnuPG front-ends allow encryption without signing, including GPA and Kleopatra.

bigdog

@RobertM said in OpenPGP Support:

As for making signing of files compulsory, all I will say is that most, if not all, GnuPG front-ends allow encryption without signing, including GPA and Kleopatra.

I stand corrected. I thought that you needed to sign a file as part of encrypting to certify it but I looked again and you are correct.

Now hopefully PA can fix the issues with PGP

Mili

will take a close look at the reported issues and log issues in/report back as necessary.

thanks very much all for the details

BigMike

@bigdog said in OpenPGP Support:

I believe you always have to sign a file to encrypt it. That is part of the PGP standard.

No, I can perfectly encrypt files using GnuPG without signing. Even in strict OpenPGP mode.