gpgme - raw RSA operation using GPG public/private keys?

gnupg-user at niob.at gnupg-user at niob.at
Wed Jul 26 02:21:40 CEST 2017


Hello List!

One more question for this topic: Am I right that secret key export is
not really implemented, even though there is the
GPGME_EXPORT_MODE_SECRET flag to gpgme_op_export_keys()?

If this is correct: Why is there such a flag?

sincerely

peter


On 17/07/17 at 13:25, gnupg-user at niob.at wrote:
> On 12.07.2017 at 01:55, Daniel Kahn Gillmor wrote:
>> On Fri 2017-07-07 18:01:03 +0200, gnupg-user at niob.at wrote:
>>> I am looking for a "simple" way to use a GPG public/private RSA key to
>>> do "raw" RSA operations. I have the impression that gpgme only deals
>>> with "real" OpenPGP data structures, but this does not fit my use case.
>>> This is for an application that is currently based on openssl crypto.
>> you're right -- gpgme is only for higher-level protocol operations,
>> whether they're OpenPGP or CMS (cryptographic message syntax).  it
>> doesn't offer low-level crypto primitives.
>>
>> if you want low-level crypto primitives that are GPL-compatible, you can
>> use libhogweed (from the nettle project) or libgcrypt.
> Thanks a lot for the answer. So the next question is: How? That is: I
> could not find any libgcrypt functions taking a gpg key obtainable
> through gpgme.
>
> But that is the key problem (haha): I *could* (by hand) parse a secret
> key exported using gpg (or, if possible, through gpgme) and use the RSA
> parameters to build up the key structure required for either libgcrypt
> (or openssl). But that would make it impossible to deal with e.g. gpg
> agents.
>
> So to rephrase the question: How would I proceed to do raw RSA
> operations using libcrypt for gpg keys stored in a standard key ring? Or
> is this functionality not exposed directly in any library? Would it be
> best to look at how gpg itself does this? Any pointers (source files,
> docs, examples, etc.?)
>
>> Modern GnuPG uses libgcrypt for its crypto primitives, fwiw.
> I want to be modern as well... :-)
>>        --dkg
> peter
>
>
