Storing keys and signatures as sexps
Ludovic Courtès
ludo at gnu.org
Mon Jan 20 18:27:01 CET 2014
Werner Koch <wk at gnupg.org> skribis:
> On Sat, 21 Dec 2013 21:24, ludo at gnu.org said:
[...]
>> AFAICS the format is generic, stable, and not libgcrypt-specific, so
>> this looks like a reasonable choice.
>
> I tried to model it along SPKI but there are for sure some Libgcrypt
> specific details. LSH also uses (still?) S-expressions.
There are differences between sexps produced by lsh’s libspki, and
gcrypt sexps. Notably:
• libspki stores RSA public keys as shown in
<http://theworld.com/~cme/spki.txt>, with tokens like
‘rsa-pkcs1-md5’, whereas gcrypt produces something slightly
different;
• lsh has its own format to represent password-protected key pairs
(with the limitation that the whole key pair is encrypted);
• higher-level SPKI sexps like signatures are not standardized; for
instance gcrypt uses the ‘sig-val’ token, whereas spki.txt suggests
something slightly different.
(Niels and I discussed some of these items at
<https://lists.gnu.org/archive/html/guix-devel/2013-12/msg00141.html>.)
It would be great if we could work towards unifying the sexps used in
both implementations.
>> Nevertheless, is there anything you would caution about?
>
> If you want to hash the material you need to convert it to canonical
> format first - but that is easy.
Right.
Thanks for your feedback!
Ludo’.
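
The point above about converting to canonical format before hashing, as an added example (not code from either poster, libgcrypt or lsh): a minimal Python canonicalizer for a subset of the advanced sexp syntax, showing that two layouts of the same expression hash identically only once canonicalized. The sample `sig-val` value and all function names are constructed for illustration.

```python
import hashlib
import re

# Subset of the advanced syntax: lists, bare tokens, "quoted" atoms without
# escapes, and #hex# atoms. Base64 |...| and verbatim len:data are not handled.
_TOKEN = re.compile(rb'\s*(?:(\()|(\))|#([0-9A-Fa-f\s]*)#|"([^"\\]*)"|([^\s()#"|]+))')

def parse(text: bytes):
    """Parse advanced-format sexp text into nested lists of bytes atoms."""
    stack, pos = [[]], 0
    text = text.strip()
    while pos < len(text):
        m = _TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"unparsable input at offset {pos}")
        pos = m.end()
        opening, closing, hexa, quoted, token = m.groups()
        if opening:
            stack.append([])
        elif closing:
            if len(stack) < 2:
                raise ValueError("unbalanced ')'")
            done = stack.pop()
            stack[-1].append(done)
        elif hexa is not None:
            # Whitespace inside #...# is layout only, not data.
            stack[-1].append(bytes.fromhex(b"".join(hexa.split()).decode()))
        elif quoted is not None:
            stack[-1].append(quoted)
        else:
            stack[-1].append(token)
    if len(stack) != 1 or len(stack[0]) != 1:
        raise ValueError("expected exactly one balanced expression")
    return stack[0][0]

def canonical(node) -> bytes:
    """Canonical form: atoms as <decimal length>:<raw bytes>, no whitespace."""
    if isinstance(node, bytes):
        return str(len(node)).encode() + b":" + node
    return b"(" + b"".join(canonical(n) for n in node) + b")"

def digest(text: bytes) -> str:
    """SHA-256 over the canonical encoding, not over the text as written."""
    return hashlib.sha256(canonical(parse(text))).hexdigest()

# Constructed sample: one signature value written in two different layouts.
LAYOUT_A = b'(sig-val (rsa (s #00A1B2C3#)))'
LAYOUT_B = b'(sig-val\n  (rsa\n    (s #00 a1 b2 c3#)))'

if __name__ == "__main__":
    print(canonical(parse(LAYOUT_A)), digest(LAYOUT_A) == digest(LAYOUT_B))
```

With libgcrypt itself, the same encoding is what `gcry_sexp_sprint` produces in `GCRYSEXP_FMT_CANON` mode.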