Displaying GPG public keys in ASCII format


I was debugging a gpg issue earlier this week, and needed to dump the contents of a public key in some type of human-readable form. After a bit of googling I came across the crazy awesome pgpdump utility, which provides a command line interface to display the contents of a GPG public key. To use this tool, you can pass the key file as an argument to pgpdump:

$ gpg --export -a > $HOME/pub.asc

$ pgpdump $HOME/pub.asc

Old: Public Key Packet(tag 6)(418 bytes)
    Ver 4 - new
    Public key creation time - Tue Jun 22 10:33:25 EDT 2010
    Pub alg - DSA Digital Signature Algorithm(pub 17)
    DSA p(1024 bits) - ...
    DSA q(160 bits) - ...
    DSA g(1021 bits) - ...
    DSA y(1023 bits) - ...
Old: User ID Packet(tag 13)(31 bytes)
    User ID - Test Key
Old: Signature Packet(tag 2)(96 bytes)
    Ver 4 - new
    Sig type - Positive certification of a User ID and Public Key packet(0x13).
    Pub alg - DSA Digital Signature Algorithm(pub 17)
    Hash alg - SHA1(hash 2)
    Hashed Sub: signature creation time(sub 2)(4 bytes)
        Time - Tue Jun 22 10:33:25 EDT 2010
    Hashed Sub: key flags(sub 27)(1 bytes)
        Flag - This key may be used to certify other keys
        Flag - This key may be used to sign data
    Hashed Sub: preferred symmetric algorithms(sub 11)(5 bytes)
        Sym alg - AES with 256-bit key(sym 9)
        Sym alg - AES with 192-bit key(sym 8)
        Sym alg - AES with 128-bit key(sym 7)
        Sym alg - CAST5(sym 3)
        Sym alg - Triple-DES(sym 2)
    Hashed Sub: preferred hash algorithms(sub 21)(3 bytes)
        Hash alg - SHA1(hash 2)
        Hash alg - SHA256(hash 8)
        Hash alg - RIPEMD160(hash 3)
    Hashed Sub: preferred compression algorithms(sub 22)(3 bytes)
        Comp alg - ZLIB (comp 2)
        Comp alg - BZip2(comp 3)
        Comp alg - ZIP (comp 1)
    Hashed Sub: features(sub 30)(1 bytes)
        Flag - Modification detection (packets 18 and 19)
    Hashed Sub: key server preferences(sub 23)(1 bytes)
        Flag - No-modify
    Sub: issuer key ID(sub 16)(8 bytes)
        Key ID - 0xA7B71783E5016F25
    Hash left 2 bytes - ad 6b
    DSA r(157 bits) - ...
    DSA s(159 bits) - ...
        -> hash(DSA q bits)
Old: Public Subkey Packet(tag 14)(525 bytes)
    Ver 4 - new
    Public key creation time - Tue Jun 22 10:33:25 EDT 2010
    Pub alg - ElGamal Encrypt-Only(pub 16)
    ElGamal p(2048 bits) - ...
    ElGamal g(3 bits) - ...
    ElGamal y(2046 bits) - ...
Old: Signature Packet(tag 2)(73 bytes)
    Ver 4 - new
    Sig type - Subkey Binding Signature(0x18).
    Pub alg - DSA Digital Signature Algorithm(pub 17)
    Hash alg - SHA1(hash 2)
    Hashed Sub: signature creation time(sub 2)(4 bytes)
        Time - Tue Jun 22 10:33:25 EDT 2010
    Hashed Sub: key flags(sub 27)(1 bytes)
        Flag - This key may be used to encrypt communications
        Flag - This key may be used to encrypt storage
    Sub: issuer key ID(sub 16)(8 bytes)
        Key ID - 0xA7B71783E5016F25
    Hash left 2 bytes - b1 38
    DSA r(158 bits) - ...
    DSA s(159 bits) - ...
        -> hash(DSA q bits)

Pgpdump will display the algorithms used to create the key, as well as the key lengths that were used. This is amazingly helpful when debugging key-related issues (hash algorithm mismatches, key-size discrepancies, etc.), and I will definitely be adding this tool to my SysAdmin toolkit!
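What the top-level lines of that dump ("Old: Public Key Packet(tag 6)(418 bytes)") encode, as an added example that is not from the original post or the pgpdump project: a Python parser for OpenPGP packet headers as defined in RFC 4880, covering both old-format and new-format headers. The function names, the sample bytes and the "=AAAA" checksum line are constructed for illustration, and the armor checksum is skipped rather than verified.

```python
import base64

# Tag names (RFC 4880, section 4.3) for the packet types in the dump above.
TAG_NAMES = {2: "Signature Packet", 6: "Public Key Packet", 13: "User ID Packet", 14: "Public Subkey Packet"}

def dearmor(text):
    """Return the binary packets inside an ASCII-armored block."""
    lines = [l.strip() for l in text.strip().splitlines()]
    body = lines[lines.index("") + 1:-1]      # after armor headers, before END line
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))  # skip CRC-24 line

def parse_packets(data):
    """Return (format, tag, body_length) for each top-level packet."""
    out, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("bit 7 of a packet header must be set")
        if hdr & 0x40:                        # new format: tag in bits 5-0
            fmt, tag, first = "New", hdr & 0x3F, data[i + 1]
            if first < 192:                   # one-octet length
                length, i = first, i + 2
            elif first < 224:                 # two-octet length
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:                # five-octet length
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths are not handled here")
        else:                                 # old format: tag in bits 5-2, length type in bits 1-0
            fmt, tag, ltype = "Old", (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate lengths are not handled here")
            n = 1 << ltype                    # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        out.append((fmt, tag, length))
        i += length                           # skip the body, move to the next header
    return out

def summarize(data):  # same shape as the top-level lines in the dump above
    return ["%s: %s(tag %d)(%d bytes)" % (f, TAG_NAMES.get(t, "Packet"), t, n)
            for f, t, n in parse_packets(data)]

# Constructed sample, not a real key: three packets with dummy bodies; "=AAAA" is a placeholder CRC.
SAMPLE = b"\x99\x00\x03\x04\x00\x00" + b"\xb4\x08Test Key" + b"\xc2\x02\x04\x13"
ARMORED = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n%s\n=AAAA\n-----END PGP PUBLIC KEY BLOCK-----\n" % base64.b64encode(SAMPLE).decode()

if __name__ == "__main__":
    print("\n".join(summarize(dearmor(ARMORED))))
```

The 0x99 header byte in the sample is the old-format encoding of tag 6 with a two-octet length, which is why a public key exported by gpg shows up as "Old: Public Key Packet(tag 6)".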

This article was posted by Matty on 2010-06-22 10:37:00 -0400