How to get my GNUPG Elgamal private key exponent?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri May 1 15:57:27 CEST 2015
On Fri 2015-05-01 02:37:03 -0400, Danny Crane wrote:
> I have tried googling around. The closest solution I get is:
>
> private.key contains the private key file.
>
> $pgpdump -i private.key
>
> But this only gives me the following:
>
> ElGamal p
> ElGamal g
> ElGamal y
> Encrypted Elgamal x
> some other information of crypto
>
> It shows the value for p,g,y, but not x. How can I find out the value of x?
pgpdump shows that x is encrypted. pgpdump isn't capable of decrypting
it.
If you remove the passphrase from your secret key, you should be able to
produce a file that pgpdump can parse for you.
however, note that this places your secret key material is a very
exposed place -- anyone who gets that file can trivially compromise your
key.
Since el gamal keys are usually subkeys, you might try *only* exporting
the subkey without a passphrase, so that at least you do not expose the
secret key material for your primary key.
Using gpg 1.4.x or 2.0.x, that should be possible with:
gpg --export-options export-reset-subkey-passwd --export-secret-subkeys ${SUBKEYID}\! | pgpdump
yes, that is a literal ! at the end. so if your subkey ID is
0x1234567890abcdef, then you would run:
gpg --export-options export-reset-subkey-passwd --export-secret-subkeys 0x1234567890abcdef\! | pgpdump
hth,
--dkg
More information about the Gnupg-users
mailing list