Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: users

transfer private key data between applications

  

 
GnuPG users RSS feed   Index | Next | Previous | View Threaded


Michael.Lorenz at persis

Aug 12, 2008, 2:16 AM

Post #1 of 3 (630 views)
Permalink
transfer private key data between applications
Hello GNU-PG users,

I have a question regarding the export of a private key.

I want to transfer the key-pair of a GPG installation to a Java program (using for example the GNU-Crypto library). Since there is a very large amount of encrypted records I want to avoid to create a big convert-process that decrypts with GPG and encrypts again with Java.

As GNU-Crypto supports "ElGamal" I thought it would be possible to export the private key as bytes and use this information in Java to decrypt the data. But I have difficulties doing this.

I exported the private key with "gpg -o sec_key.out -a --export-secret-keys ..."

Using "http://www.pgpdump.net/" I get the following content.
What I don't understand is how can I get the "x" parameter of the "ElGamal" key which is needed for the private key? PGPdump only says "Encrypted ElGamal x" but not the bytes.
Is the problem that PGPdump can't do this task? Is there another (better) tool?

---
Old: Secret Key Packet(tag 5)(481 bytes)
Ver 4 - new
Public key creation time - Mon Jun 16 14:58:56 CEST 2008
Pub alg - DSA Digital Signature Algorithm(pub 17)
DSA p(1024 bits) - ad d2 [...]
DSA q(160 bits) - c5 f9 [...]
DSA g(1022 bits) - 26 27 [...]
DSA y(1022 bits) - 29 bd [...]
Sym alg - CAST5(sym 3)
Iterated and salted string-to-key(s2k 3):
Hash alg - SHA1(hash 2)
Salt - a2 fe [...]
Count - 65536(coded count 96)
IV - 51 d2 [...]
Encrypted DSA x
Encrypted SHA1 hash
Old: User ID Packet(tag 13)(28 bytes)
User ID - [...]
Old: Signature Packet(tag 2)(94 bytes)
Ver 4 - new
Sig type - Positive certification of a User ID and Public Key packet(0x13).
Pub alg - DSA Digital Signature Algorithm(pub 17)
Hash alg - SHA1(hash 2)
Hashed Sub: signature creation time(sub 2)(4 bytes)
Time - Mon Jun 16 14:58:56 CEST 2008
Hashed Sub: key flags(sub 27)(1 bytes)
Flag - This key may be used to certify other keys
Flag - This key may be used to sign data
Hashed Sub: preferred symmetric algorithms(sub 11)(5 bytes)
Sym alg - AES with 256-bit key(sym 9)
Sym alg - AES with 192-bit key(sym 8)
Sym alg - AES with 128-bit key(sym 7)
Sym alg - CAST5(sym 3)
Sym alg - Triple-DES(sym 2)
Hashed Sub: preferred hash algorithms(sub 21)(2 bytes)
Hash alg - SHA1(hash 2)
Hash alg - RIPEMD160(hash 3)
Hashed Sub: preferred compression algorithms(sub 22)(2 bytes)
Comp alg - ZLIB <RFC1950>(comp 2)
Comp alg - ZIP <RFC1951>(comp 1)
Hashed Sub: features(sub 30)(1 bytes)
Flag - Modification detection (packets 18 and 19)
Hashed Sub: key server preferences(sub 23)(1 bytes)
Flag - No-modify
Sub: issuer key ID(sub 16)(8 bytes)
Key ID - 0xE4...
Hash left 2 bytes - 3d 12
DSA r(159 bits) - 6f 5d [...]
DSA s(159 bits) - 6b 83 [...]
-> hash(DSA q bits)
Old: Secret Subkey Packet(tag 7)(611 bytes)
Ver 4 - new
Public key creation time - Mon Jun 16 14:59:01 CEST 2008
Pub alg - ElGamal Encrypt-Only(pub 16)
ElGamal p(2048 bits) - c2 a6 [...]
ElGamal g(3 bits) - 07
ElGamal y(2046 bits) - 24 34 [...]
Sym alg - CAST5(sym 3)
Iterated and salted string-to-key(s2k 3):
Hash alg - SHA1(hash 2)
Salt - a2 fe [...]
Count - 65536(coded count 96)
IV - d2 1f [...]
Encrypted ElGamal x
Encrypted SHA1 hash
Old: Signature Packet(tag 2)(73 bytes)
Ver 4 - new
Sig type - Subkey Binding Signature(0x18).
Pub alg - DSA Digital Signature Algorithm(pub 17)
Hash alg - SHA1(hash 2)
Hashed Sub: signature creation time(sub 2)(4 bytes)
Time - Mon Jun 16 14:59:01 CEST 2008
Hashed Sub: key flags(sub 27)(1 bytes)
Flag - This key may be used to encrypt communications
Flag - This key may be used to encrypt storage
Sub: issuer key ID(sub 16)(8 bytes)
Key ID - 0xE4...
Hash left 2 bytes - 4b c1
DSA r(159 bits) - 70 d0 [...]
DSA s(157 bits) - 1a 52 [...]
-> hash(DSA q bits)
---

I would be very happy if someone can help.
Thanks in advance ...

Sincerely,

Michael Lorenz.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dshaw at jabberwocky

Aug 12, 2008, 7:18 AM

Post #2 of 3 (590 views)
Permalink
Re: transfer private key data between applications [In reply to]
On Aug 12, 2008, at 5:16 AM, Lorenz, Michael wrote:

> Hello GNU-PG users,
>
> I have a question regarding the export of a private key.
>
> I want to transfer the key-pair of a GPG installation to a Java
> program (using for example the GNU-Crypto library). Since there is a
> very large amount of encrypted records I want to avoid to create a
> big convert-process that decrypts with GPG and encrypts again with
> Java.
>
> As GNU-Crypto supports "ElGamal" I thought it would be possible to
> export the private key as bytes and use this information in Java to
> decrypt the data. But I have difficulties doing this.

You could probably work through this and get it to work, but it's not
going to be easy. For one, OpenPGP uses a somewhat strange cipher
mode (a variant on CFB). You'd also have to deal with the OpenPGP
encoding on the packets.

Rather than do all that, take a look at http://www.bouncycastle.org/
They have a Java library that can do OpenPGP directly.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Michael.Lorenz at persis

Aug 13, 2008, 7:06 AM

Post #3 of 3 (576 views)
Permalink
AW: transfer private key data between applications [In reply to]
Hi David,

thanks for your suggestion. I already had an eye on BouncyCastle but thought it could not be that hard to get the key data :)
But I will try BC for they can handle the package format of the gpg-files too.

Thanks again!

Michael


-----Ursprüngliche Nachricht-----
Von: David Shaw [mailto:dshaw [at] jabberwocky]
Gesendet: Dienstag, 12. August 2008 16:19
An: gnupg-users [at] gnupg
Betreff: Re: transfer private key data between applications

On Aug 12, 2008, at 5:16 AM, Lorenz, Michael wrote:

> Hello GNU-PG users,
>
> I have a question regarding the export of a private key.
>
> I want to transfer the key-pair of a GPG installation to a Java
> program (using for example the GNU-Crypto library). Since there is a
> very large amount of encrypted records I want to avoid to create a
> big convert-process that decrypts with GPG and encrypts again with
> Java.
>
> As GNU-Crypto supports "ElGamal" I thought it would be possible to
> export the private key as bytes and use this information in Java to
> decrypt the data. But I have difficulties doing this.

You could probably work through this and get it to work, but it's not
going to be easy. For one, OpenPGP uses a somewhat strange cipher
mode (a variant on CFB). You'd also have to deal with the OpenPGP
encoding on the packets.

Rather than do all that, take a look at http://www.bouncycastle.org/
They have a Java library that can do OpenPGP directly.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.