
Mailing List Archive: GnuPG: devel

Re: [guardian-dev] Format of exported subkeys from gnupg

 

 



tom at ritter

Jul 19, 2012, 3:20 PM

Post #1 of 10 (351 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg

On 19 July 2012 15:14, Abel Luck <abel [at] guardianproject> wrote:
> Hello,
>
> I'm with the Guardian Project, picking up where Hans left off last year
> [0] in an attempt to integrate OTR keys as subkeys in gnupg.
>
> Guardian is working on an OTR key conversion utility [1] to convert
> between the myriad formats of OTR keys (all DSA btw).
>
> In order to do this I need access to the raw DSA parameters: p, q, g, y
> and x.
>
> My question is how can I take the output produced by
> --export-secret-keys and access those 5 numbers?
>
> Inversely, how can I take 5 numbers and produce an importable file to
> import OTR subkeys into a master key?
>
> I've been poking around in g10/export.c in gnupg2, and see that it is
> using s-expressions internally. It looks like I might need to roll my
> own parser and writer, is there any documentation on this format?
>
> Alternatively, if I could mangle the exported data into an openssl
> format, I could use existing openssl tools to pull out the data I need.
>
> gpgsm exports p12, but I can't see how to make it work with gpg subkeys.
>
> Any advice in this area would be much appreciated.

I think what you're looking for is the OpenPGP specification. That
should allow you to create an ASCII-armored or binary representation
of the data to import into GPG, and tells you the format that GPG
outputs. http://tools.ietf.org/html/rfc4880#section-5.5.3 Fortunately,
it's much easier than working with S-Expressions (IMO at least.)

(Feel free to follow up with me on-list or off-list, I'd be happy to
help out the Guardian Project as best I can.)

-tom

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


wk at gnupg

Jul 20, 2012, 12:29 AM

Post #2 of 10 (345 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

On Fri, 20 Jul 2012 00:20, tom [at] ritter said:

> outputs. http://tools.ietf.org/html/rfc4880#section-5.5.3 Fortunately,
> it's much easier than working with S-Expressions (IMO at least.)

Hans worked on GnuPG 2.1 which has an easy way to access the secret key
parameters.

  $ gpg2 -K --with-keygrip CD8687F6
  sec   1024D/CD8687F6 2006-01-17
        Keygrip = 21EB68B1FFA01EF777E2D0B1A92A2276D82C2F1C
  uid                  Heinrich Heine <heinrichh [at] duesseldorf>
  ssb   1024g/4ECFEF6F 2006-01-17
        Keygrip = 654EFA6F19DF08ABFEB88092BC4867D4C5A95460

If you want to script that you should add --with-colons and a grep for
"^grp:". Now with the keygrip you can locate the secret key:

  $ ls ~/.gnupg/private-keys-v1.d/654EFA6F19DF08ABFEB88092BC4867D4C5A95460.key

Now if you have not set a passphrase (check out "gpg2 --passwd") you may
use gpg-protect-tool to convert the S-expression into the advanced
format:

  $ /us[...]/libexec/gpg-protect-tool ~/.gnu[...]67D4C5A95460.key
  (private-key
   (elg
    (p #00A6B1DAED[...]#)
    (g #05#)
    (y #00BC5B46C0[...]#)
    (x #03C544C345[...]#)
   )
  )

Libgcrypt has a parser for it. You should find example code to extract
stuff in libgcrypt/tests/.



Salam-Shalom,

Werner


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
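
The advanced-format output shown in the message above can be read with a small tokenizer. The following Python sketch is an added example, not part of the thread and not libgcrypt's parser; the function names and the sample key (a toy DSA key with constructed values) are assumptions made for illustration.

```python
import re

# "(", ")", #hex#, "quoted string", or a bare token such as private-key
TOKEN = re.compile(r'\(|\)|#[0-9A-Fa-f\s]*#|"[^"]*"|[^\s()#"]+')

def parse_sexp(text):
    """Parse advanced-format S-expression text into nested Python lists."""
    stack = [[]]
    for tok in TOKEN.findall(text):
        if tok == "(":
            stack.append([])
        elif tok == ")":
            if len(stack) < 2:
                raise ValueError("unbalanced ')'")
            done = stack.pop()
            stack[-1].append(done)
        elif tok[0] == "#":
            stack[-1].append(bytes.fromhex(tok[1:-1]))   # raw octets
        else:
            stack[-1].append(tok.strip('"'))
    if len(stack) != 1 or len(stack[0]) != 1:
        raise ValueError("expected exactly one complete expression")
    return stack[0][0]

def key_params(sexp):
    """Return (algo, {name: int}) from (private-key (ALGO (name #hex#) ...))."""
    if not isinstance(sexp, list) or sexp[:1] != ["private-key"] or len(sexp) != 2:
        raise ValueError("not a plain private-key expression")
    algo, *fields = sexp[1]
    # Values are big-endian; a leading 00 octet only keeps the number positive.
    return algo, {name: int.from_bytes(val, "big") for name, val in fields}

# Constructed toy DSA key (p=23, q=11, g=4, x=7, y=8), not a real key.
SAMPLE = """(private-key
 (dsa
  (p #17#)
  (q #0B#)
  (g #04#)
  (y #0008#)
  (x #07#)))"""

if __name__ == "__main__":
    print(key_params(parse_sexp(SAMPLE)))
```
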




abel at guardianproject

Jul 20, 2012, 3:09 PM

Post #3 of 10 (345 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

Abel Luck:
> Werner Koch:
>> > $ ls ~/.gnupg/private-keys-v1.d/654EFA6F19DF08ABFEB88092BC4867D4C5A95460.key
> Thanks for the info Werner!
>
> Using GnuPG 2.0.19 my .gnupg/private-keys-v1.d/ directory is empty, is
> this expected?
>
> Also, what about the method you described is 2.1 specific, ideally we'd
> like this to work on 2.0 versions as well, but 2.1 is definitely a start!
>
> Abel
>
>
Attachments: signature.asc (0.62 KB)


wk at gnupg

Jul 22, 2012, 8:59 AM

Post #4 of 10 (341 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

On Sat, 21 Jul 2012 00:09, abel [at] guardianproject said:

>> Using GnuPG 2.0.19 my .gnupg/private-keys-v1.d/ directory is empty, is
>> this expected?

Unless you use S.MIME it is indeed empty for 2.0. Only 2.1 uses it also
for OpenPGP.

>> Also, what about the method you described is 2.1 specific, ideally we'd
>> like this to work on 2.0 versions as well, but 2.1 is definitely a start!

2.1 will replace 2.0. Actually our work on the N900 and the HTC Touch
Pro to port Kontact to them was done using 2.1. Thus I strongly suggest
to use 2.1 for any new platforms.


Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.




hans at guardianproject

Jul 22, 2012, 9:14 AM

Post #5 of 10 (342 views)
Permalink
Re: Format of exported subkeys from gnupg [In reply to]

On 07/22/2012 11:59 AM, Werner Koch wrote:
> On Sat, 21 Jul 2012 00:09, abel [at] guardianproject said:
>
>>> Using GnuPG 2.0.19 my .gnupg/private-keys-v1.d/ directory is empty, is
>>> this expected?
>
> Unless you use S.MIME it is indeed empty for 2.0. Only 2.1 uses it also
> for OpenPGP.
>
>>> Also, what about the method you described is 2.1 specific, ideally we'd
>>> like this to work on 2.0 versions as well, but 2.1 is definitely a start!
>
> 2.1 will replace 2.0. Actually our work on the N900 and the HTC Touch
> Pro to port Kontact to them was done using 2.1. Thus I strongly suggest
> to use 2.1 for any new platforms.

We're trying to parse existing keys on a wide variety of platforms so
that we can convert between various formats. This is an essential part of
our idea to make the gpg key the master crypto identity, and then use
subkeys for various other applications, like OTR, TextSecure, S/MIME,
etc. Then the user will only need to deal with one single key for trust
relationships.

Right now, we are starting out by generating DSA subkeys in gpg, and
exporting them for use in OTR. libotr's private key format is a
hex-based S-expression. The subkey export format for gpg v2.0 is not
clear to us, so any pointers on docs or the place in the gpg code to
figure that out would be most appreciated.

.hc



abel at guardianproject

Aug 3, 2012, 9:19 AM

Post #6 of 10 (327 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

Tom Ritter:

> I think what you're looking for is the OpenPGP specification. That
> should allow you to create an ASCII-armored or binary representation
> of the data to import into GPG, and tells you the format that GPG
> outputs. http://tools.ietf.org/html/rfc4880#section-5.5.3 Fortunately,
> it's much easier than working with S-Expressions (IMO at least.)

So, I've dived into parsing OpenPGP packets as per the spec, and all is
well, until I get to parsing the actual secret key data (the MPI values).

In 99% of cases these secret values are encrypted. As I see it these are
my options for getting at the unencrypted values.

1. Implement all possible ciphers in my library, ask the user for their
key and decrypt
2. Only support plaintext exported keys, decryption is handled by GnuPG
during export.

The first will require implementation of the entire pgp cipher suite,
which is beyond our calling. The second will leak unprotected secret key
data to disk.

Remember, the use case for this is exporting secret-subkeys used as OTR
keys for interoperability with OTR clients. Most (all?) OTR apps store
the private OTR key material unencrypted anyways, so leaking this data
to disk is not an issue. (Though, yes later on, I'll be pushing the line
over on otr-dev that we need to start encrypting the private keys)

Thus the question is: how can I --export-secret-subkeys with
unprotected/plaintext secret key values?

~abel
Attachments: signature.asc (0.62 KB)
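
The RFC 4880 section 5.5.3 layout discussed in this message and in post #1, as an added Python example that is not part of the thread: it reads the body of a v4 DSA secret-key or secret-subkey packet, returns p, q, g, y and x when the string-to-key usage octet is 0, and refuses protected keys instead of guessing. It assumes the packet header has already been stripped; the function names and the toy key values are constructed for illustration.

```python
import struct

DSA = 17  # RFC 4880 public-key algorithm ID for DSA

def mpi(n):
    """Encode an integer as an OpenPGP MPI (used to build the sample)."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def read_mpi(buf, pos):
    """Read one MPI at pos: 2-byte big-endian bit count, then the magnitude."""
    if pos + 2 > len(buf):
        raise ValueError("truncated MPI header")
    bits = struct.unpack_from(">H", buf, pos)[0]
    end = pos + 2 + (bits + 7) // 8
    if end > len(buf):
        raise ValueError("truncated MPI")
    return int.from_bytes(buf[pos + 2:end], "big"), end

def parse_dsa_secret_body(body):
    """Parse the body (header already stripped) of a v4 tag 5/7 packet."""
    if len(body) < 6:
        raise ValueError("truncated packet")
    version, _created, algo = struct.unpack_from(">BIB", body, 0)
    if version != 4 or algo != DSA:
        raise ValueError("only v4 DSA keys are handled here")
    pos, key = 6, {}
    for name in "pqgy":                      # public part, section 5.5.2
        key[name], pos = read_mpi(body, pos)
    if pos >= len(body):
        raise ValueError("no secret part: this is a public key packet")
    usage = body[pos]                        # string-to-key usage octet
    if usage != 0:
        raise ValueError("secret MPIs are protected (S2K usage %d)" % usage)
    start = pos + 1
    key["x"], pos = read_mpi(body, start)
    if pos + 2 > len(body):
        raise ValueError("missing checksum")
    # Checksum: sum of the plaintext secret MPI octets, mod 65536.
    if sum(body[start:pos]) & 0xFFFF != struct.unpack_from(">H", body, pos)[0]:
        raise ValueError("checksum mismatch")
    return key

def build_sample(usage=0):
    """Constructed toy key: p=23, q=11, g=4, x=7, y=g^x mod p=8."""
    sec = mpi(7)
    return (struct.pack(">BIB", 4, 0, DSA) + b"".join(map(mpi, (23, 11, 4, 8)))
            + bytes([usage]) + sec + struct.pack(">H", sum(sec) & 0xFFFF))

if __name__ == "__main__":
    print(parse_dsa_secret_body(build_sample()))
```
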


dkg at fifthhorseman

Aug 3, 2012, 9:34 AM

Post #7 of 10 (326 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

On 08/03/2012 12:19 PM, Abel Luck wrote:
> 1. Implement all possible ciphers in my library, ask the user for their
> key and decrypt

please don't re-implement the ciphers. there are plenty of libraries
that do that for you :) If you're using C, libgcrypt and libnettle are
both good options.

> 2. Only support plaintext exported keys, decryption is handled by GnuPG
> during export.

this is simpler, true. :)

> Thus the question is: how can I --export-secret-subkeys with
> unprotected/plaintext secret key values?

i think you want something like:

--export-options export-reset-subkey-passwd,export-minimal

hth,

--dkg
Attachments: signature.asc (1.01 KB)


hans at guardianproject

Aug 3, 2012, 10:08 AM

Post #8 of 10 (327 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

On 08/03/2012 12:34 PM, Daniel Kahn Gillmor wrote:
> On 08/03/2012 12:19 PM, Abel Luck wrote:
>> 1. Implement all possible ciphers in my library, ask the user for their
>> key and decrypt
>
> please don't re-implement the ciphers. there are plenty of libraries
> that do that for you :) If you're using C, libgcrypt and libnettle are
> both good options.
>
>> 2. Only support plaintext exported keys, decryption is handled by GnuPG
>> during export.
>
> this is simpler, true. :)
>
>> Thus the question is: how can I --export-secret-subkeys with
>> unprotected/plaintext secret key values?
>
> i think you want something like:
>
> --export-options export-reset-subkey-passwd,export-minimal

Since we are talking about just exporting subkeys, I think using the
plaintext export should be workable as long as gpg can export to stdout.
Then we can just receive the unencrypted private key via stdin and
it'll never touch the disk.

.hc



dkg at fifthhorseman

Aug 3, 2012, 10:12 AM

Post #9 of 10 (325 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

On 08/03/2012 01:08 PM, Hans-Christoph Steiner wrote:

> Since we are talking about just exporting subkeys, I think using the
> plaintext export should be workable as long as gpg can export to stdout.
> Then we can just receive the unencrypted private key via stdin and
> it'll never touch the disk.

You might be interested in the jiggery-pokery that monkeysphere
subkey-to-ssh-agent does to make sure this happens. it's a pretty
similar use case.

If you have monkeysphere installed, take a look at
/usr/share/monkeysphere/m/subkey_to_ssh_agent

hth,

--dkg
Attachments: signature.asc (1.01 KB)


abel at guardianproject

Aug 3, 2012, 10:28 AM

Post #10 of 10 (330 views)
Permalink
Re: [guardian-dev] Format of exported subkeys from gnupg [In reply to]

Daniel Kahn Gillmor:
> On 08/03/2012 12:19 PM, Abel Luck wrote:
>> 1. Implement all possible ciphers in my library, ask the user for their
>> key and decrypt
>
> please don't re-implement the ciphers. there are plenty of libraries
> that do that for you :) If you're using C, libgcrypt and libnettle are
> both good options.

Of course I didn't mean re-implement the ciphers themselves, sorry I was
unclear. I meant "implement them" by pulling in other libraries as you
suggested. :D

>> 2. Only support plaintext exported keys, decryption is handled by GnuPG
>> during export.
>
> this is simpler, true. :)
>
>> Thus the question is: how can I --export-secret-subkeys with
>> unprotected/plaintext secret key values?
>
> i think you want something like:
>
> --export-options export-reset-subkey-passwd,export-minimal

Perfect :) Thanks for this dkg. I'm 95% of the way there now.


~abel
Attachments: signature.asc (0.62 KB)
