transfer private key data between applications

Lorenz, Michael Michael.Lorenz at persis.de
Tue Aug 12 11:16:52 CEST 2008


Hello GNU-PG users,

I have a question regarding the export of a private key.

I want to transfer the key-pair of a GPG installation to a Java program (using for example the GNU-Crypto library). Since there is a very large amount of encrypted records I want to avoid to create a big convert-process that decrypts with GPG and encrypts again with Java.

As GNU-Crypto supports "ElGamal" I thought it would be possible to export the private key as bytes and use this information in Java to decrypt the data. But I have difficulties doing this.

I exported the private key with "gpg -o sec_key.out -a --export-secret-keys ..."

Using "http://www.pgpdump.net/" I get the following content.
What I don't understand is how can I get the "x" parameter of the "ElGamal" key which is needed for the private key? PGPdump only says "Encrypted ElGamal x" but not the bytes.
Is the problem that PGPdump can't do this task? Is there another (better) tool?

---
Old: Secret Key Packet(tag 5)(481 bytes)
        Ver 4 - new
        Public key creation time - Mon Jun 16 14:58:56 CEST 2008
        Pub alg - DSA Digital Signature Algorithm(pub 17)
        DSA p(1024 bits) - ad d2 [...]
        DSA q(160 bits) - c5 f9 [...]
        DSA g(1022 bits) - 26 27 [...]
        DSA y(1022 bits) - 29 bd [...]
        Sym alg - CAST5(sym 3)
        Iterated and salted string-to-key(s2k 3):
                Hash alg - SHA1(hash 2)
                Salt - a2 fe [...]
                Count - 65536(coded count 96)
        IV - 51 d2 [...]
        Encrypted DSA x
        Encrypted SHA1 hash
Old: User ID Packet(tag 13)(28 bytes)
        User ID - [...]
Old: Signature Packet(tag 2)(94 bytes)
        Ver 4 - new
        Sig type - Positive certification of a User ID and Public Key packet(0x13).
        Pub alg - DSA Digital Signature Algorithm(pub 17)
        Hash alg - SHA1(hash 2)
        Hashed Sub: signature creation time(sub 2)(4 bytes)
                Time - Mon Jun 16 14:58:56 CEST 2008
        Hashed Sub: key flags(sub 27)(1 bytes)
                Flag - This key may be used to certify other keys
                Flag - This key may be used to sign data
        Hashed Sub: preferred symmetric algorithms(sub 11)(5 bytes)
                Sym alg - AES with 256-bit key(sym 9)
                Sym alg - AES with 192-bit key(sym 8)
                Sym alg - AES with 128-bit key(sym 7)
                Sym alg - CAST5(sym 3)
                Sym alg - Triple-DES(sym 2)
        Hashed Sub: preferred hash algorithms(sub 21)(2 bytes)
                Hash alg - SHA1(hash 2)
                Hash alg - RIPEMD160(hash 3)
        Hashed Sub: preferred compression algorithms(sub 22)(2 bytes)
                Comp alg - ZLIB <RFC1950>(comp 2)
                Comp alg - ZIP <RFC1951>(comp 1)
        Hashed Sub: features(sub 30)(1 bytes)
                Flag - Modification detection (packets 18 and 19)
        Hashed Sub: key server preferences(sub 23)(1 bytes)
                Flag - No-modify
        Sub: issuer key ID(sub 16)(8 bytes)
                Key ID - 0xE4...
        Hash left 2 bytes - 3d 12
        DSA r(159 bits) - 6f 5d [...]
        DSA s(159 bits) - 6b 83 [...]
                -> hash(DSA q bits)
Old: Secret Subkey Packet(tag 7)(611 bytes)
        Ver 4 - new
        Public key creation time - Mon Jun 16 14:59:01 CEST 2008
        Pub alg - ElGamal Encrypt-Only(pub 16)
        ElGamal p(2048 bits) - c2 a6 [...]
        ElGamal g(3 bits) - 07
        ElGamal y(2046 bits) - 24 34 [...]
        Sym alg - CAST5(sym 3)
        Iterated and salted string-to-key(s2k 3):
                Hash alg - SHA1(hash 2)
                Salt - a2 fe [...]
                Count - 65536(coded count 96)
        IV - d2 1f [...]
        Encrypted ElGamal x
        Encrypted SHA1 hash
Old: Signature Packet(tag 2)(73 bytes)
        Ver 4 - new
        Sig type - Subkey Binding Signature(0x18).
        Pub alg - DSA Digital Signature Algorithm(pub 17)
        Hash alg - SHA1(hash 2)
        Hashed Sub: signature creation time(sub 2)(4 bytes)
                Time - Mon Jun 16 14:59:01 CEST 2008
        Hashed Sub: key flags(sub 27)(1 bytes)
                Flag - This key may be used to encrypt communications
                Flag - This key may be used to encrypt storage
        Sub: issuer key ID(sub 16)(8 bytes)
                Key ID - 0xE4...
        Hash left 2 bytes - 4b c1
        DSA r(159 bits) - 70 d0 [...]
        DSA s(157 bits) - 1a 52 [...]
                -> hash(DSA q bits)
---

I would be very happy if someone can help.
Thanks in advance ...

Sincerely,

 Michael Lorenz.



More information about the Gnupg-users mailing list