Import "Raw" RSA Secret Key?

Eric Swanson eswanson at
Fri Dec 20 17:21:17 CET 2013

On 12/19/2013 09:28 PM, David Shaw wrote:
> On Dec 19, 2013, at 7:10 PM, Eric Swanson <eswanson at> wrote:
>> I'm trying to import a "raw" RSA secret key into GnuPG.
>> I have p, q, d and the creation timestamp, as well as anything else
>> that can be computed from them (n, u, e, etc etc).
>> I've been implementing bits of RFC 4880 in an attempt to generate
>> valid secret key files, but it looks like GnuPG won't import a key
>> unless it has a valid self-signature, and that chunk of the
>> specification is large and looks painful to implement.
>> So how can I best get my (p,q,d,timestamp,n,u,e) structure into a
>> valid GPG key which can be used to sign, encrypt, etc messages?
> If you can manage to make a RFC 4880 secret key packet, you should be able to combine it with a user ID packet (either generate one yourself - no crypto needed - or just copy one from another key), and then import the result with --allow-non-selfsigned-uid.  That should skip the need for a self-signature.  Once you have it imported, you can self-sign it via GPG, using "--edit-key xxxxxx sign".
> David
This is exactly what I was looking for. Thanks!

Eric Swanson

More information about the Gnupg-users mailing list