您将如何从密钥 s 表达式和创建时间戳重建公钥?
[英]How would you reconstruct a public key from the key s-expression and creation timestamp?
问题描述
I'm specifically asking in relation to this answer where a user is trying to recreate the public key solely from the information in an openPGP Smartcard (due to losing the public key):
关于这个答案,我特别询问用户试图仅从 openPGP 智能卡中的信息重新创建公钥(由于丢失公钥):
https://stackoverflow.com/a/69903994/17503333 https://stackoverflow.com/a/69903994/17503333
The answer states that you should be able to reconstruct the public key from the information retrieved from the gpg-connect-agent through gpg and libcrypt itself, but does not specify how :答案表明您应该能够通过 gpg 和 libcrypt 本身从 gpg-connect-agent 检索到的信息重建公钥,但没有指定如何:
Take the creation time from the KEY-TIME lines.
> /datafile out > scd readkey OPENPGP.1 OK > /byeinstead which writes the s-expression with the public key to the file out.
Is there any way to do this?有没有办法做到这一点? There isn't any specific instructions online that specify what tools/functions within librypt and gpg to use to recreate the public key.在线没有任何具体说明指定 librypt 和 gpg 中用于重新创建公钥的工具/功能。
1 个解决方案
解决方案1
0 2022-07-31 13:32:02
This may be done as following (assumming all required data is returned by the readkey):这可以按如下方式完成(假设所有需要的数据都由 readkey 返回):
- You should parse s-exp and extract all key fields, this could be the guide: https://people.csail.mit.edu/rivest/sexp.html您应该解析 s-exp 并提取所有关键字段,这可能是指南: https://people.csail.mit.edu/rivest/sexp.html
- Then you should build up in hex editor OpenPGP's public key packet, using RFC 4880 as a guide, filling all required fields.然后你应该在十六进制编辑器中建立 OpenPGP 的公钥包,使用 RFC 4880 作为指南,填写所有必填字段。
- Make sure you didn't make a mistake and fingerprint is correct (using the RFC 4880 on 'how to calculate fingerprint' as a guide).确保您没有犯错并且指纹是正确的(使用关于“如何计算指纹”的 RFC 4880 作为指南)。
- Add self-signature for the key, using smart card to sign and build up the signature packet.为密钥添加自签名,使用智能卡签名并构建签名包。
- repeat the same for subkeys.对子项重复相同的操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.