Decrypt file using a different public key

0

We are using GnuPG to secure our files and didn't encounter any challenges when decrypting or encrypting files. However we have another public key that we imported from another client, let's call them CompanyB, and we need to decrypt the files they sent using their public key (public key B).

How do you specify in command line to use a specific public key to decrypt a file from CompanyB?

>gpg --list-keys
/.../.../gnupg/pubring.gpg
-----------------------------------------------------
pub   2048R/A3116C78 2016-06-28
uid       [ultimate] CompanyA <CompanyA@abc.com>
sub   2048R/27160116 2016-06-28

pub   2048R/678434E4 2016-08-29
uid       [ultimate] CompanyB <CompanyB@xyz.com>
sub   2048R/DE4D3F7E 2016-08-29

We need to use CompanyB's certificate to decrypt CompanyB files.

dimas

Posted 2016-10-03T10:21:44.117

Reputation: 123

The public PGP key is generally used for encryption, the corresponding private key is needed for decryption. CompanyB should encrypt files for you using your public key. If that's not what you want then you need to say more about why. – Michał Politowski – 2016-10-03T10:55:07.450

Answers

2

You're confusing several concept or terms of public/private key cryptography. Public and private keys always occur together (thus, they're often called a public-private-key-pair). The public key is published to people that want to send you encrypted information, while the private key is kept secret and can be used to decrypt the message again.

You cannot decrypt a message using any key but the private key belonging to the public key. This is the most central concept of public/private key cryptography.

If the messages were encrypted for "CompanyB", "CompanyB"'s private key is required to decrypt the message. If you don't have it, you cannot decrypt it; if it would be possible by having only the public key/certificate (those terms are often used intermixed as descibing related, but not equal objects), encryption would be useless. Ask the sender to encrypt for your public key, or ask CompanyB to decrypt the messages for you.

Regarding how keys are selected with GnuPG: simply import the keys (gpg --import), GnuPG will select the proper key automatically. Usually, the required key is stored in the crypto message's headers, otherwise GnuPG will try all of the private keys.

Jens Erat

Posted 2016-10-03T10:21:44.117

Reputation: 14 141

Asked: 2016-10-03T10:21:44.117

Viewed: 417 times

Active: 2016-10-03T11:13:50.190