
How can I export the RSA Key from a GPG Keychain?

I would like to encrypt / decrypt Data with RSA. So I generated a new Keypair with PGP.

gpg --full-generate-key
gpg (GnuPG) 2.3.7; Copyright (C) 2021 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Bitte wählen Sie, welche Art von Schlüssel Sie möchten:
   (1) RSA und RSA
   (2) DSA und Elgamal
   (3) DSA (nur signieren)
   (4) RSA (nur signieren)
   (9) ECC (signieren, verschlüsseln) *standard*
   (10) ECC (nur signieren)
   (14) Vorhandener Schlüssel auf der Karte    
Ihre Auswahl? 1

When I export the key with:

gpg --export-secret-key --armor --output mykey.asc

I get this kind of file:

-----BEGIN PGP PRIVATE KEY BLOCK-----

lQcYBGLoxDcBEACavJOlQvSY9g+bjHgzMSOOnTQ+pgMukFPsUUDIXZZkT/YVcgn7
...

This is a GPG Key, not an RSA Key. Or at least not the pure RSA Key.

For example, if I use openssl to generate the RSA Key, I get:

openssl genrsa  -out private.pem 2048

This key now has the typical RSA Signature at the beginning.

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBWbLfGcMBn4fu

So the Question is, how can I export the pure RSA (public) Key from the GPG Keychain? The Reason I just can't use the OpenSSL Keys is because I want to store the private Key on a SmartCard like a YubiKey. And this I can only do with the GPG Module.

OpenPGP (and GnuPG, as an implementation of the OpenPGP standard) uses its own key format, which is not the raw RSA PKCS#1 key format used by openssl. If you need a raw key, you should generate it with openssl.

gpg (GnuPG) implements the so-called "hybrid encryption", where an asymmetric key (e.g. an RSA public/private key pair) is used to encrypt a symmetric key (e.g. AES256) that is used to encrypt your data.

Normally an asymmetric key (RSA) is not used directly to encrypt the data (it's very slow if the data is large). But if for some reason you really want to do it, you'll need a low-level library like pycryptodome, where you have more freedom to pick and choose your key and cipher.
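
An added example, not code from the question or from either answer, that makes the format difference described above concrete: it walks the binary output of `gpg --export` (without `--armor`), reads the RSA modulus and exponent out of each key packet, and re-encodes them as a PKCS#1 `RSA PUBLIC KEY` PEM. It assumes old-format packet headers (like the 0x95 byte that begins the export shown in the question) and version 4 keys; the function names and the sample bytes are constructed for this example.

```python
import base64

# Constructed sample with toy numbers, not a real key: primary key, user ID, subkey.
SAMPLE = bytes.fromhex("980d040000000001000c0ca1000511"   # type 6: n=3233, e=17
                       "b403616263"                       # type 13: user ID "abc"
                       "b80d040000000001000c0ad5000511")  # type 14: n=2773, e=17

def packets(data):
    """Yield (type, body) per packet of binary (non-armored) `gpg --export` output."""
    pos = 0
    while pos < len(data):
        tag = data[pos]
        if (tag & 0xC0) != 0x80 or (tag & 3) == 3:
            raise ValueError("expected an old-format, definite-length binary packet")
        start = pos + 1 + (1 << (tag & 3))         # 1, 2 or 4 length octets
        size = int.from_bytes(data[pos + 1:start], "big")
        yield (tag >> 2) & 0x0F, data[start:start + size]
        pos = start + size

def read_mpi(buf, pos):
    # OpenPGP MPI: 2-byte big-endian bit count, then the magnitude bytes
    end = pos + 2 + (int.from_bytes(buf[pos:pos + 2], "big") + 7) // 8
    if pos + 2 > len(buf) or end > len(buf):
        raise ValueError("truncated MPI")
    return int.from_bytes(buf[pos + 2:end], "big"), end

def rsa_keys(data):
    """Yield (packet_type, n, e) for v4 RSA primary keys (6) and subkeys (14)."""
    for ptype, body in packets(data):
        # body: version, 4-byte creation time, algorithm (1-3 = RSA), MPI n, MPI e
        if ptype in (6, 14) and len(body) > 6 and body[0] == 4 and body[5] in (1, 2, 3):
            n, pos = read_mpi(body, 6)
            e, _ = read_mpi(body, pos)
            yield ptype, n, e

def der(tag, content):
    if len(content) < 128:                         # short-form length
        return bytes([tag, len(content)]) + content
    raw = len(content).to_bytes((len(content).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + content

def der_int(value):  # sized so the top bit stays clear (positive INTEGER)
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def pkcs1_pem(n, e):
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus, publicExponent }, PEM-wrapped."""
    b64 = base64.b64encode(der(0x30, der_int(n) + der_int(e))).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join(["-----BEGIN RSA PUBLIC KEY-----", *rows, "-----END RSA PUBLIC KEY-----", ""])
```

With option (1) "RSA und RSA" the encryption key is normally the subkey (packet type 14), while the primary key (type 6) signs and certifies.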
