Inspect encrypted file details about age HOT 4 OPEN

Disclaimer: I am not a cryptographer, so maybe I misunderstood the spec.

Looking at the spec, I think it's impossible to do this. The best that could be done is to tell how many recipients there are, but is this really useful?

For example: The spec says, that an age reciepient (X25519) stanza is composed like this:

-> X25519 encode(X25519(ephemeral secret, basepoint))
encrypt[HKDF[salt, label](X25519(ephemeral secret, public key))](file key)

You can see that the public key is only used (after some transformation) to encrypt the file key. I think it is thus impossible to get back the public key from that. It's probably (I'm not sure) even impossible to tell if the file was encrypted for a given public key. I would guess, that this is an intended security feature: No third party should be able to tell for whom a file was encrypted.

from age.

We can't print what recipients a file is encrypted to, but there should be a way to get a text/JSON output with number and types of recipients, header version, and file size. It would work for both armored and binary files.

from age.

It would be nice to be able to find the file size, at least in the Go API, without needing to read the full file. I would like to decrypt a file and stream the raw file out, but use content length=N prefix. It seems like this should be possible by reading the header and knowing the encrypted file size.

from age.

While writing another client for age, I've encountered another application for something like this: If a user tries to decrypt an age file with a password, that was not encrypted with a password, the error from the age library tells the user that the password was wrong.

If the age library gave me some way to see if scrypt was even used during encryption, I could tell the user, whether there is even a point in trying other passwords.

from age.