I have a copy of the postgresql apt repository gpg key and would like to view the details of the gpg key as it comes in the file. Is this possible without importing it into a key ring?
相关问题
- Create pgp file with gpg from command line
- Maven GPG plugin not signing sources and javadoc j
- PHP Gnupg is not showing up as an extension in php
- Verify digital signature using php
- How to authenticate Github on Ubuntu? git: 'cr
相关文章
- Problem decrypting PGP in python with pyme without
- input too large for RSA cipher with BouncyCastle
- can't use gpg-agent as an ssh agent
- gpg with powershell - passphrase security
- Using BouncyCastle with GnuPG 2.1's `pubring.k
- Change the binary that Git uses to invoke GnuPG fo
- How to use GnuPG inside Docker containers, as it i
- IntelliJ fails to commit changes when attempting t
To verify and list the fingerprint of the key (without importing it into the keyring first), type
When I stumbled up on this answer I was looking for a way to get an output that is easy to parse. For me the option
--with-colons
did the trick:Documentation can be found here.
The option
--list-packets
parses pgp data from a file and outputs its structure - in a very technical way, though. When parsing a public key, you can easily extract the user ids and the key ids of the signatures.Be wary that this command only parses the data format, it does no validation of signatures or similar things.
There are several detail levels you can get when looking at OpenPGP key data: a basic summary, a machine-readable output of this summary or a detailed (and very technical) list of the individual OpenPGP packets.
Basic Key Information
For a brief peak at an OpenPGP key file, you can simply pass the filename as parameter or pipe in the key data through STDIN. If no command is passed, GnuPG tries to guess what you want to do -- and for key data, this is printing a summary on the key:
By setting
--keyid-format 0xlong
, long key IDs are printed instead of the insecure short key IDs:Providing
-v
or-vv
will even add some more information. I prefer printing the package details in this case, though (see below).Machine-Readable Output
GnuPG also has a colon-separated output format, which is easily parsable and has a stable format. The format is documented in GnuPG
doc/DETAILS
file. The option to receive this format is--with-colons
.Since GnuPG 2.1.23, the
gpg: WARNING: no command supplied. Trying to guess what you mean ...
warning can be omitted by using the--import-options show-only
option together with the--import
command (this also works without--with-colons
, of course):For older versions: the warning message is printed on STDERR, so you could just read STDIN to split apart the key information from the warning.
Technical Details: Listing OpenPGP Packets
Without installing any further packages, you can use
gpg --list-packets [file]
to view information on the OpenPGP packets contained in the file.The
pgpdump [file]
tool works similar togpg --list-packets
and provides a similar output, but resolves all those algorithm identifiers to readable representations. It is available for probably all relevant distributions (on Debian derivatives, the package is calledpgpdump
like the tool itself).I seem to be able to get along with simply:
Which outputs like this:
The op didn't specify in particular what key info is relevant. This output is all I care about.