Secret key export difference in 1.4 and 2.1

A.L.E.C alec at alec.pl
Wed Oct 26 11:21:11 CEST 2016


On 10/26/2016 11:08 AM, Neal H. Walfield wrote:
> The secret key is not simply a dump of the private key material, but
> an OpenPGP message.  This means that there are many ways to encode the
> same data.  It wouldn't surprise me if we are using a slightly
> different encoding in 2.1 vs. 1.4.  But, this is not a bug.  What
> exactly is the test doing, and what is it testing for?

Well, the test is for our exportPrivateKey() method which does just gpg
--export-secret-keys "fingerprint". We make sure the output is always
the same. It worked with 1.4. If it's not a proper way now, we'll have
to change it, but I'm not sure how to do this. How to find out that
exported data is really the data we want. Or can I just assume that if
there's no error and output data contains "BEGIN PGP PRIVATE KEY BLOCK"
we're fine? I don't think I'll decode the message, I'd prefer some
simple checks.

-- 
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer         [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
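
A structural check of the kind asked about above, as an added example (not part of the original message, and not GnuPG code): it splits an export into OpenPGP packets per RFC 4880 and verifies the packet sequence instead of comparing bytes. The function names and the sample data are constructed for illustration, partial body lengths are not handled, and the check says nothing about whether the key material is usable.

```python
import base64

SECRET_KEY, USER_ID = 5, 13          # packet tags from RFC 4880, section 4.3

def dearmor(text):
    """Return the binary OpenPGP data inside an armored private key block."""
    lines = [line.strip() for line in text.strip().splitlines()]
    if lines[0] != "-----BEGIN PGP PRIVATE KEY BLOCK-----":
        raise ValueError("not an armored private key block")
    body = lines[lines.index("") + 1:-1]     # skip armor headers and the END line
    return base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))

def packets(data):
    """Split an OpenPGP byte string into (tag, body) pairs (RFC 4880, 4.2)."""
    out, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("bit 7 of a packet header must be set")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths are not handled here")
        else:                                # old-format header
            tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)  # 8 = indeterminate
            if n == 8:
                length, i = len(data) - i - 1, i + 1       # runs to end of data
            else:
                length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        out.append((tag, data[i:i + length]))
        i += length
    return out

def check_secret_export(data):
    """True if data parses cleanly, starts with a secret key and has a user ID."""
    tags = [tag for tag, _ in packets(data)]
    return bool(tags) and tags[0] == SECRET_KEY and USER_ID in tags

# Constructed sample (not real key material): same packets, two header encodings.
KEY, UID = b"\x04constructed-body", b"Test <test@example.org>"
OLD = bytes([0x94, len(KEY)]) + KEY + bytes([0xB4, len(UID)]) + UID
NEW = bytes([0xC5, len(KEY)]) + KEY + bytes([0xCD, len(UID)]) + UID
```

`OLD` and `NEW` differ byte for byte yet parse to the same packet list, which is why a byte-for-byte comparison of two exports is a fragile test.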


