How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?

John Clizbe John at
Fri Aug 2 14:43:16 CEST 2013

Martin T wrote:
> Hi,
> thanks for the reply!
>>> I think "method" in the example above is just indicating that this is a PGP key.
> Exactly. However, how does RIPE server-side software detect that it's
> a PGP key? Is this information(besides other information like key
> creation date and UID) written into pubring.gpg file during the
> creation of the public key?
Yes it's stored in the key packets. The format for all the packets is
described in RFC 4880

You can see the data yourself by listing the packet data

    gpg --export 0xDECAFBAD | gpg --list-packets


    gpg --export 0xDEADBEEF | pgpdump

--list-packets accepts the -v option to increase verbosity. See the gpg man page

>>> No. The fingerprint is based on the key material only. You can
>>> add/change UIDs without the fingerprint changing.
> Indeed. I revoked my current UID and changed it to another one and
> both public and private key fingerprints remained the same. So the key
> fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other
> type of hash?

SHA-1 for current V4 keys. Covered in RFC 4880

John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://  or
     mailto:pgp-public-keys at

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 520 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130802/50918659/attachment.sig>

More information about the Gnupg-users mailing list