Keyrings file format

David Shaw dshaw at
Wed Jan 7 06:09:06 CET 2009

On Jan 7, 2009, at 12:04 AM, Robert J. Hansen wrote:

> David Shaw wrote:
>> That is not correct.  The whole point of --with-colons is that it  
>> is a
>> stable interface.  It exists for exactly what you are doing: being
>> used from another program.
> I've written code to parse --with-colons a few times, and while I
> haven't found it very hard to get it working to the 90% point, strange
> or peculiar keys will often cause code to break or behave weirdly.  A
> lot of this is due to the lack of a BNF for a key entry.  E.g., my  
> first
> time writing a parser for --with-colons, I assumed that every key
> possessed at least one UID.  This assumption is not sound, as it's
> apparently possible to craft keys with no UIDs.

Yes and no.  It's not just UIDs - you can mangle a key in dozens of  
different ways.  GPG will then do its best to handle it, but  
fundamentally, that's a broken key.  There isn't much that can be done  
with it.  Speaking about UIDs specifically, there is no legal "front  
door" way to create such a key in GPG, as that key violates the spec.

> It would be nice if in the HACKING document there was a concise BNF  
> for
> the key format, to spare other people the headaches of discovering the
> sharp edges the hard way.

Do I hear a volunteer? ;)


More information about the Gnupg-devel mailing list