
does not encrypt to multiple subkeys of the same key

Open echarlie opened this issue 7 years ago • 2 comments

For an assortment of reasons, I use 3 separate subkeys, on two separate PGP keys, for my password store. Because 2 encryption subkeys are part of the same key, I explicitly include both in the .gpg-id file in pass, like so:

0xB228BC9249156AC0!
0x612C4A42BD15922C

GnuPG will default to only using the latter if I don't specify the subkeys, because it is the newer subkey, which is why there is a ! after the first, to force encryption against both.

For iOS, I generated a new key entirely, thus my .gpg-id now looks like:

0xB228BC9249156AC0!
0x612C4A42BD15922C
0x2A604E3971390826

However, when I generate a password in pass for iOS, it is only encrypted against 0xB228BC9249156AC0 (the older subkey) and 0x2A604E3971390826 (the iPhone key). The expected behaviour is that the newly generated password is encrypted against all 3 subkeys.

echarlie avatar Aug 02 '18 01:08 echarlie

See also https://github.com/mssun/passforios/issues/147

mayo avatar Sep 17 '18 21:09 mayo

I have the same issue; it seems passforios doesn't distinguish subkeys at all. I have two encryption subkeys:

AE9AA2E8C875BEA47EE6C811B97DA14250269855!
4DD94A01582F20F914A44D918F23A6A090350C52!

The second one is the private key imported to the iPhone. I have a folder with the following .gpg-id:

4DD94A01582F20F914A44D918F23A6A090350C52!

When I create a new password from passforios, there are two scenarios:

  1. Both public keys are imported to passforios: the password is encrypted with the AE9AA2E8C875BEA47EE6C811B97DA14250269855! subkey, which is the opposite of the expected behaviour, and the result can't be read back on the iPhone.
  2. Only the 4DD94A01582F20F914A44D918F23A6A090350C52! public key is imported: the password is encrypted with it and can be read back on the iPhone.

I have another folder (the root one) with a .gpg-id containing both subkeys, where I would like passwords to be encrypted for both subkeys.

I suppose switching from subkeys to separate full-fledged keys will work? Or is #147 still unfixed? Because the description of that bug says that the password is encrypted for two keys... Right now I'm basically using passforios in read-only mode (which is still very much appreciated).

parafin avatar May 29 '23 17:05 parafin
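A way to check which store entries are affected, added here as an example that is not part of the thread or of passforios: compare the key IDs listed in a folder's .gpg-id with the recipient key IDs that `gpg --list-packets` prints for an entry. The function names and both sample inputs are constructed; it assumes every .gpg-id line names an encryption subkey by key ID or fingerprint, as in the two reports above.

```python
import re

# Constructed sample: the three-line .gpg-id from the first report.
GPG_ID = "0xB228BC9249156AC0!\n0x612C4A42BD15922C\n0x2A604E3971390826\n"

# Constructed sample in the format printed by `gpg --list-packets entry.gpg`,
# mirroring the reported result: only two of the three subkeys are recipients.
PACKETS = (
    ":pubkey enc packet: version 3, algo 1, keyid B228BC9249156AC0\n"
    "\tdata: [2048 bits]\n"
    ":pubkey enc packet: version 3, algo 1, keyid 2A604E3971390826\n"
    "\tdata: [2048 bits]\n"
    ":encrypted data packet:\n"
)

def expected_keyids(gpg_id_text):
    """Return the 64-bit key IDs named in a .gpg-id file, in file order."""
    ids = []
    for line in gpg_id_text.splitlines():
        entry = line.strip().rstrip("!")  # "!" only forces the exact subkey
        if not entry:
            continue
        hexid = entry[2:] if entry.lower().startswith("0x") else entry
        if not re.fullmatch(r"[0-9A-Fa-f]{16}|[0-9A-Fa-f]{40}", hexid):
            # User IDs or short IDs need gpg to resolve them; out of scope here.
            raise ValueError(f"not a long key ID or fingerprint: {entry!r}")
        # For v4 keys the key ID is the low 64 bits of the fingerprint.
        ids.append(hexid[-16:].upper())
    return ids

def recipient_keyids(list_packets_output):
    """Return the key IDs of the public-key encrypted session key packets."""
    found = re.findall(r"^:pubkey enc packet:.*\bkeyid ([0-9A-Fa-f]{16})\b",
                       list_packets_output, flags=re.M)
    return [k.upper() for k in found]

def audit(gpg_id_text, list_packets_output):
    """Return (missing, unexpected) key IDs for one encrypted entry."""
    expected = expected_keyids(gpg_id_text)
    actual = set(recipient_keyids(list_packets_output))
    missing = [k for k in expected if k not in actual]
    unexpected = sorted(actual - set(expected))
    return missing, unexpected

if __name__ == "__main__":
    print(audit(GPG_ID, PACKETS))
```

An entry with a non-empty `missing` list cannot be decrypted by the holder of that subkey and needs re-encrypting on a client that honours the .gpg-id, for example with `pass init` on the desktop.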