[guardian-dev] Format of exported subkeys from gnupg

Tom Ritter tom at ritter.vg
Fri Jul 20 00:20:33 CEST 2012


On 19 July 2012 15:14, Abel Luck <abel at guardianproject.info> wrote:
> Hello,
>
> I'm with the Guardian Project, picking up where Hans left off last year
> [0] in an attempt to integrate OTR  keys as subkeys in gnupg.
>
> Guardian is working on a OTR key conversion utility [1] to convert
> between the myriad formats of OTR keys (all DSA btw).
>
> In order to do this I need access to the raw DSA parameters: p, q, g, y
> and x.
>
> My question is how can I take the output produced by
> --export-secret-keys and access those 5 numbers?
>
> Inversely, how can I take 5 numbers and produce an importable file to
> import OTR subkeys into a master key?
>
> I've been poking around in g10/export.c in gnupg2, and see that it is
> using s-expressions internally. It looks like I might need to roll my
> owner parser and writer, is there any documentation on this format?
>
> Alternatively, if I could mangle the exported data into an openssl
> format, I could use existing openssl tools to pull out the data I need.
>
> gpgsm exports p12, but I can't see how to make it work with gpg subkeys.
>
> Any advice in this area would be much appreciated.

I think what you're looking for is the OpenPGP specification.  That
should allow you to create an ASCII-armored or binary representation
of the data to import into GPG, and tells you the format that GPG
outputs. http://tools.ietf.org/html/rfc4880#section-5.5.3  Fortunetly,
it's much easier than working with S-Expressions (IMO at least.)

(Feel free to follow up with me on-list or off-list, I'd be happy to
help out the Guardian Project as best I can.)

-tom



More information about the Gnupg-devel mailing list