What is a "key grip"?

Rick van Rein (OpenFortress) rick at openfortress.nl
Sat Jun 15 08:44:29 CEST 2013


I'm having trouble understanding the concept of a "key grip", and I cannot find it documented anywhere.  I'd like to generate keys in a GnuPG-friendly manner, making them available through an SCD mechanism.

As I understand it, it's a handle for the private key -- meaning it's not external stuff, but still useful to do well in a key store.  It's a hex-denoted form of a binary key identifier, right?

I wonder if it should be derivable by GnuPG to a certain value (and if so, what is the calculation?) or if it is merely a value produced by the underlying SCD.  In the latter case, I am confused that it is assumed to be 20 binary bytes long.

In short, if I store a public key and want it to be GnuPG-friendly, what should I use as the keygrip?  For instance, do I write down an S-expression and determine it's SHA-1 and use it as the binary handle to the key?


More information about the Gcrypt-devel mailing list