Reputation: 546
When you receive a PGP message encrypted with your key, your PGP software can decrypt it because the message itself is encrypted with a one-time use random key and that random key is encrypted with your own key. Therefore, if you can get the random key ("session key" or "secret key"), then you can share it (and the original message) to prove to someone else what the original message said. This is what I need to do. I have been unable to find commands I can use in Windows or Linux to recover this random key. Does anyone know how to get it from the PGP message?
I'd also like to learn how to improve my search strategy because I believe the answer is already on the Internet and I just didn't search for the right keywords to find it.
Upvotes: 2
Views: 8265
Reputation: 546
echo '-----BEGIN PGP MESSAGE [...]' | gpg --show-session-key
It's okay if your PGP message spans multiple lines. You can paste it in and the presence of the first single quote causes the CLI to continue your input at the line breaks.
In Windows Subsystem for Linux (aka WSL), you can use gpg to do this. One common problem with gpg is that it assumes it has a terminal connection (which is probably true) and that GPG_TTY is an environment variable that points to that connection (which might be false). The result of trying something in this case will produce
Inappropriate ioctl for device
and you can fix that with the following command:
export GPG_TTY=$(tty)
You have to make sure the key you use to decrypt the message is in the keyring of the system you're using. I've been using Kleopatra in Windows and forgot that the keyring it uses is NOT shared with WSL, so I had to
gpg --import [filename of my key]
and enter my passphrase.
Once all that works, you'll get output that contains something like:
gpg: session key: '3:541FE563...
which you can use as described at https://security.stackexchange.com/questions/115231/how-to-decrypt-a-message-using-only-session-key to share the contents of the encrypted message without divulging your own private key. Thanks to Alex of Localmonero.com (aka Agoradesk.com) for helping me figure this out.
Upvotes: 2
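The session key string in the output shown in the answer has the form cipher-ID:hex-key. As an added example (not part of the original answer), the shell functions below pull that line out of gpg's output and check that the key is complete for its cipher before it is handed to someone else. The function names, the file name msg.asc and the sample key are made up for illustration, and the classic ID:HEX output format is assumed.

```shell
#!/bin/sh
# Added example (not from the original post): validate the session key line
# printed by `gpg --show-session-key` before sharing it.

# Name and key length in hex digits per OpenPGP cipher ID
# (RFC 4880 section 9.2; Camellia IDs from RFC 5581).
cipher_info() {
    case "$1" in
        1)  echo "IDEA 32" ;;
        2)  echo "3DES 48" ;;
        3)  echo "CAST5 32" ;;
        4)  echo "Blowfish 32" ;;
        7)  echo "AES128 32" ;;
        8)  echo "AES192 48" ;;
        9)  echo "AES256 64" ;;
        10) echo "Twofish 64" ;;
        11) echo "Camellia128 32" ;;
        12) echo "Camellia192 48" ;;
        13) echo "Camellia256 64" ;;
        *)  return 1 ;;
    esac
}

# Reads gpg's messages on stdin and prints "ID:HEXKEY CIPHERNAME".
# Returns 1 if no complete session key line is present (for example a
# truncated paste), 2 for an unknown cipher ID, 3 if the key length does
# not match the cipher.
extract_session_key() {
    sk=$(sed -n "s/^gpg: session key: '\([0-9]\{1,\}:[0-9A-Fa-f]\{1,\}\)'.*/\1/p" | head -n 1)
    [ -n "$sk" ] || return 1
    algo=${sk%%:*}
    hex=${sk#*:}
    info=$(cipher_info "$algo") || return 2
    [ "${#hex}" -eq "${info#* }" ] || return 3
    echo "$sk ${info% *}"
}

# Constructed sample of gpg output; the key value is made up.
SAMPLE="gpg: encrypted with 2048-bit RSA key, ID 0000000000000000, created 2020-01-01
gpg: session key: '3:00112233445566778899AABBCCDDEEFF'"

# With a real message (msg.asc is a hypothetical file name):
#   gpg --show-session-key --decrypt msg.asc 2>&1 >/dev/null | extract_session_key
printf '%s\n' "$SAMPLE" | extract_session_key
```

The first field of the printed result is the string the recipient passes to gpg's --override-session-key option, as described in the linked question.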