different gpg-id files in different folders does not work for encryption #694

@hokreb

Pass for iOS is a really useful app; I like it very much.

Recently I tried for the first time to add a password on the iPhone with it, but it did not work.

I have the following situation:
I use three subfolders with different .gpg-id files to use three different gpg keys (one private, one office and one for a special project).
I exported the gpg public keys with `gpg --export --armor p@pass.loc o@pass.loc s@pass.loc`
and also exported the gpg private keys with `gpg --export-secret-subkeys --armor p@pass.loc o@pass.loc s@pass.loc`.
I placed the resulting output into the PGP-Key fields of the settings section.

If I do it this way, I can decrypt all the passwords in my password store without a problem (all passwords are added on my local PC and synced to a local git repo). Each subfolder has a .gpg-id with one entry containing the short hex ID of the key.

With this setup, I was able to look up any password, regardless of which subfolder it was in.
When I now try to add a new password on the iPhone, I can easily save it and sync it back to my local PC. But I was not able to look at this password on the iPhone. When I opened this password on my local PC, it was no problem at all. When I checked the gpg file, I found out that the encryption was done for all three passwords I use on the dedicated subfolder. Maybe this is the problem, as Pass for iOS was not able to decrypt it anymore.

As soon as I replaced the private key in the PGP-Key field of the settings section with only one key of all my gpg passwords, I was able to add a new password on the iPhone and was also able to decrypt it later. Nevertheless, the password's gpg file will be encrypted with all keys found in the subdirectory (in my case with three keys).

So to me it looks like there is an issue with using folders with different .gpg-id keys.

So, actually, these are in my opinion two bugs:

  1. encryption should be only done with the key found in the subdirectory, not with any other keys
  2. decryption has an issue, for whatever reason.

Has anybody observed similar behaviour?
Is there a workaround for this behaviour?
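
For reference, an added example (not part of the original post and not Pass for iOS code) of the per-folder lookup that the upstream `pass` script performs: the nearest `.gpg-id` found while walking up from the entry's folder decides the recipients, which is the behaviour bug 1 above expects. The key IDs, folder layout and function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example. Key IDs and folder layout below are constructed.

# Print the recipients that govern ENTRY: the nearest .gpg-id found while
# walking up from the entry's folder to the store root.
recipients_for() {
    local store="${1%/}" entry="$2" dir
    case "$entry" in *..*) return 2 ;; esac      # refuse paths that leave the store
    dir="$store/$(dirname -- "$entry")"
    while [ "$dir" != "$store" ] && [ ! -f "$dir/.gpg-id" ]; do
        dir="$(dirname -- "$dir")"
    done
    [ -f "$dir/.gpg-id" ] || return 1             # no .gpg-id on the path
    sed -e 's/#.*$//' -e 's/[[:space:]]*$//' -e '/^$/d' "$dir/.gpg-id"
}

# Print every ID in the actual recipient list (args 3..n) that the governing
# .gpg-id does not name. Empty output means the file is encrypted as expected.
extra_recipients() {
    local store="$1" entry="$2" expected id
    shift 2
    expected="$(recipients_for "$store" "$entry")" || return 1
    for id in "$@"; do
        printf '%s\n' "$expected" | grep -qxF -- "$id" || printf '%s\n' "$id"
    done
}

# Constructed store: three folders, each with its own single-key .gpg-id.
make_demo_store() {
    local s
    s="$(mktemp -d)"
    mkdir -p "$s/private" "$s/office" "$s/project/sub"
    echo AAAA1111 > "$s/private/.gpg-id"
    echo BBBB2222 > "$s/office/.gpg-id"
    echo CCCC3333 > "$s/project/.gpg-id"
    printf '%s\n' "$s"
}

demo="$(make_demo_store)"
recipients_for "$demo" office/vpn            # BBBB2222
recipients_for "$demo" project/sub/db        # CCCC3333 (inherited from project/)
# An entry in office/ that was encrypted to all three keys:
extra_recipients "$demo" office/vpn AAAA1111 BBBB2222 CCCC3333   # AAAA1111, CCCC3333
rm -rf "$demo"
```

The actual recipients of a real entry can be read with `gpg --list-packets`; it reports encryption subkey IDs, so map them to the primary keys named in `.gpg-id` before comparing.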
