pass stores a .gpg-id file to know which keys should be used for encryption on a given directory and all its subdirectories (except if they have their own .gpg-id file). Thus, in a single git repo, it is possible to have different directories configured for different keys. This is a rather useful feature for team work.
Unlike pass, Android Password Store has a global configuration for all directories and does not honour the .gpg-id files inside them. We select the keys we wish to encrypt to under Select OpenPGP Key id in settings. From then on, these are used for all new files, no matter where they are created. Thus, while adding passwords in Android Password Store, one has to keep changing the keys under Select OpenPGP Key id. This is rather cumbersome and inevitably leads to errors. Some passwords end up encrypted with the wrong keys, meaning that one or more team members are wrongfully allowed or denied access.
The lack of this feature was referenced by @zeapo on #51. I'm opening this issue as a reminder because I consider it somewhat critical.
This is indeed critical for teamwork and for pass compatibility in general. Whenever I change .gpg-id and push it to the repo I expect it to be honoured everywhere automatically.
This is really critical.
I use per-device (GPG) keys, and just had issues with opening a password created on my mobile on my laptop (since it was only encrypted to the mobile key, although both mobile an laptop key are in the .gpg-id).
At least I know why now. :)
Well, this will be in the next release :)
I was unable to get this working with 1.2.0.64 Was this feature already included?
not yet, soon, sorry had to fix some bugs before getting to this
I've just tested decryption using multiple keys. The current version of the app is able to do it without any code change. Just select the different keys you want in the settings. When you try to open a password encrypted with a key you never used, OpenKeychain will ask you to select the authorized keys.
Once done, you'll be able to decrypt any password with any selected key :)
Encryption however is another story ;)
Most helpful comment
Well, this will be in the next release :)