search

keybase / keybase-issues

A single repo for managing publicly recognized issues with the keybase client, installer, and website.
902 stars 37 forks source link

PGP decrypt: automatically wrap with "BEGIN PGP MESSAGE" when no header is specified #3032

Open Nowaker opened 7 years ago

Nowaker commented 7 years ago

Many tools that output PGP messages (e.g. Terraform's aws_iam_access_key) skip the header. Rather than printing this:

-----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.73
Comment: https://keybase.io/crypto

wc903ksdf98032idso903= (not actual data)
-----END PGP MESSAGE-----

They'll print this instead:

wc903ksdf98032idso903= (not actual data)

The latter is quite hard to decrypt with Keybase. I tried numerous ways of getting this decrypted (e.g. piping with base64 -d, etc) and it seems the only way to get it done is to wrap the string with the header. It applies both to keybase pgp decrypt and https://keybase.io/decrypt.

It'd be great if Keybase could automatically wrap the encrypted message with the header to avoid the hassle of doing it manually. (Or having to pass multi-line strings that are error-prone when pasting around)

aaronsteers commented 4 years ago

Checking in a couple years later - this still seems like a problem, specifically for inline decryption and for the terraform use case mentioned by OP. Is there any update or workaround available?