PGP (GnuPG) – what was the original filename

gnupgpgp

John wants to send 1.txt to Paul.

He encrypts it. Now the file is named myFile.pgp, and he sends it to Paul.

Paul gets the file.

How (if possible) can Paul know what the original file name (1.txt) was? Is there a parameter (--xxx) to see the filename ?

I'm using GNU PGP (GnuPG) in console mode.

Best Answer

With GnuPG, the original filename can be seen in gpg --list-packets.

$ gpg --list-packets test.gpg
:pubkey enc packet: version 3, algo 1, keyid CE7B5510340F19EF
    data: [4095 bits]
:encrypted data packet:
    length: 67
    mdc_method: 2
gpg: encrypted with 4096-bit RSA key, ID CE7B5510340F19EF, created 2009-10-31
      "Mantas Mikulėnas <grawity@gmail.com>"
:compressed packet: algo=2
:literal data packet:
    mode b (62), created 1356362981, name="passwords.txt",
    raw data: 8 bytes

(Note: The entire literal data packet, including the filename, is encrypted. If you don't have the private key, you cannot see the name either.)

Alternatively, you can use --decrypt along with with --verbose (or -v -d for short):

$ gpg --verbose --decrypt test.gpg > NUL
gpg: public key is CE7B5510340F19EF
gpg: using subkey CE7B5510340F19EF instead of primary key D24F6CB2C1B52632
4096-bit RSA key, ID CE7B5510340F19EF, created 2009-10-31
         (subkey on main key ID D24F6CB2C1B52632)
gpg: encrypted with 4096-bit RSA key, ID CE7B5510340F19EF, created 2009-10-31
      "Mantas Mikulėnas <grawity@gmail.com>"
gpg: AES256 encrypted data
gpg: original file name='passwords.txt'

(In Linux, use > /dev/null instead.)

If you want to decrypt and save the entire file, use the --use-embedded-filename option:

$ gpg -v --use-embedded-filename test.gpg
…boring output…
gpg: original file name='passwords.txt'
File `passwords.txt' exists. Overwrite? (y/N) n

(Note: You should not use -d or --decrypt with this option, since it never uses the embedded filename. Instead, use the "default" action.)

Do not forget that not all files have names. In Linux, gpg is often used to encrypt another program's output directly, without saving it in a file. It would then show up as:

$ echo Testing | gpg --store | gpg --list-packets
:compressed packet: algo=1
:literal data packet:
    mode b (62), created 1356362394, name="",
    raw data: 8 bytes

When encrypting (or just storing), the embedded filename can be changed with --set-filename.

$ echo Testing | gpg --store --set-filename "test.txt" | gpg --list-packets
:compressed packet: algo=1
:literal data packet:
    mode b (62), created 1356362790, name="test.txt",
    raw data: 8 bytes
Related Question