Storing keys and signatures as sexps

Ludovic Courtès ludo at
Mon Jan 20 18:27:01 CET 2014

Werner Koch <wk at> wrote:

> On Sat, 21 Dec 2013 21:24, ludo at said:


>> AFAICS the format is generic, stable, and not libgcrypt-specific, so
>> this looks like a reasonable choice.
> I tried to model it along SPKI but there are for sure some Libgcrypt
> specific details.  LSH also uses (still?) S-expressions.

There are differences between sexps produced by lsh’s libspki, and
gcrypt sexps.  Notably:

  • libspki stores RSA public keys as shown in
    <>, with tokens like
    ‘rsa-pkcs1-md5’, whereas gcrypt produces something slightly

  • lsh has its own format to represent password-protected key pairs
    (with the limitation that the whole key pair is encrypted);

  • higher-level SPKI sexps like signatures are not standardized; for
    instance gcrypt uses the ‘sig-val’ token, whereas spki.txt suggests
    something slightly different.

(Niels and I discussed some of these items at

It would be great if we could work towards unifying the sexps used in
both implementations.

>> Nevertheless, is there anything you would caution about?
> If you want to hash the material you need to convert it to canonical
> format first - but that is easy.


Thanks for your feedback!


More information about the Gcrypt-devel mailing list