GnuPG/PGP and SSL: Sharing the same private key?

2019-06-17 05:27发布

I'm trying to sort out my use of digital signatures and encryption. I understand that there are 2 main ways to do this: the PGP way and the SSL way.

What I would like to know if it's possible to use the same private key for both SSL certificate and GnuPG, providing that this is a RSA 2048 bit key.

I already have an SSL certificate signed by a CA, so I was hoping to use that certificate's private key as the GnuPG master private key.

I know that we can't make assertions between the SSL and GnuPG this way, but I would like to have only one private key (thus only having to protect one piece of data)

Thanks

1条回答
相关推荐>>
2楼-- · 2019-06-17 06:20

You can do this, but it's not necessarily good practice.

Firstly, when you say "SSL certificate", you probably mean "X.509 certificate". SSL/TLS uses X.509 certificates most of the time, but it can also use OpenPGP certificates (as far as I'm aware, only GnuTLS supports them).

Note that I'm also using the expression "OpenPGP certificate". Most people call them "(Open)PGP public keys", but they are in fact certificates: they're the combination of a public key, an identifier and some attributes, signed by other entities which attach their signature to it, so as to form the overall certificate. Strictly speaking, it's not just a public key.

The main difference between an X.509 certificate and a PGP certificate is that the X.509 can only have one signature (that of the issuer), whereas multiple signatures can be added onto a PGP certificate. (The PGP model can be used for a hierarchical PKI-like model, whereas the PKI model can't be used to handle the Web-of-Trust model.)

This Java code demonstrates how to "convert" a set of PGP keys into a self-signed X.509 certificate. In principle, you could also turn it into a CSR to get an X.509 certificate from CA. Whether it's a good idea to do so is a different matter.

Firstly, it's usually a good idea to re-generate new key-pairs once in a while. Typically, that's one of the reasons X.509 certificates used for SSL have an end of validity date (PGP signatures can also be limited in time).

You would also effectively put all your eggs in the same basket. If one of the key is compromised, both your X.509 and PGP certificates would be compromised.

More importantly, it's considered bad practice to re-use the same keys for signing and encryption: using them for two different applications (SSL/TLS and GnuPG) would only make the problem worse.

查看更多
登录 后发表回答