> On 17 Aug 2017, at 16:06, Peter Lebbing <[email protected]> wrote: > > On 17/08/17 15:39, Dirk-Willem van Gulik wrote: >> # off=0 ctb=95 tag=5 hlen=3 plen=533 >> :secret key packet: >> version 4, algo 1, created 1502976628, expires 0 >> pkey[0]: [4096 bits] >> pkey[1]: [17 bits] >> gnu-dummy S2K, algo: 0, simple checksum, hash: 0 >> protect IV: >> keyid: 774BFCB80257A25B > > Note "gnu-dummy S2K". This is an empty placeholder for the key material. > An OpenPGP secret key always contains the primary key, but this is > GnuPG's method to get away with not actually including the primary key > nonetheless.
Thank you ! > "S2K" means "String to Key", and an S2K is a method that derives a > cryptographic key from a passphrase. The cryptographic key is > subsequently used to encrypt the secret key material (well, apart from > the fact that this is a dummy that doesn't actually do that). > > And an OpenPGP secret key always contains the public key as well, which > /is/ included, in pkey[0] and pkey[1] (pkey -> public key). Clear. So I need to figure out why paperkey outputs more than I am expecting when minimalizing. >> :secret sub key packet: >> version 4, algo 1, created 1502976632, expires 0 >> pkey[0]: [4096 bits] >> pkey[1]: [17 bits] >> iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 1B6594BA5204BCCC >> protect count: 16777216 (224) >> protect IV: a0 16 38 e5 6b a0 3c f0 16 f9 a4 17 c6 ba 14 a6 >> skey[2]: [v4 protected] >> keyid: 11A28C9369E55B8C > > And this is actually secret key material. First the public key again, > then the secret key in skey[2] (skey -> secret key). It is protected by > the "iter+salt" S2K. > > This packet will be significantly larger than the earlier packet. Ok. And it is. Thanks for helping to narrow this down, Kind regards, Dw.
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
