Re: Public vs Private Fingerprint
Hello all, >> On 14 Aug 2018, at 13:43, Damien Goutte-Gattat via Gnupg-users >> wrote: >> >>> On 08/14/2018 12:05 PM, Ralph Corderoy wrote: >> >> A [V4] fingerprint is the 160-bit SHA-1 hash of the octet 0x99, >> followed by the two-octet packet length, followed by the entire >> *Public-Key packet* starting with the version field. Following on from this, in my experience, studying the output of the `—list-packets` option has been one of the most effective ways of learning how GnuPG works. See https://gnupg.org/documentation/manuals/gnupg/Operational-GPG-Commands.html#index-list_002dpackets . Andrew___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Public vs Private Fingerprint
On 08/14/2018 12:05 PM, Ralph Corderoy wrote: > That was my conclusion after having searched a bit this morning, > but I didn't notice it explicitly documented? Maybe not in GnuPG's manual, but it is explicitly documented in the specification of the OpenPGP format (RFC 4880, §12.2 [1]): > A [V4] fingerprint is the 160-bit SHA-1 hash of the octet 0x99, > followed by the two-octet packet length, followed by the entire > *Public-Key packet* starting with the version field. Damien [1] https://tools.ietf.org/html/rfc4880#section-12.2 signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Public vs Private Fingerprint
Hi Damien, > Actually there's no such thing as a private key fingerprint. > Fingerprints are only calculated on public keys. That was my conclusion after having searched a bit this morning, but I didn't notice it explicitly documented? -- Cheers, Ralph. https://plus.google.com/+RalphCorderoy ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Public vs Private Fingerprint
On 08/14/2018 05:20 AM, Damian Rivas wrote: > Is there a reason why the fingerprints for my public and private keys are > exactly the same? Actually there's no such thing as a private key fingerprint. Fingerprints are only calculated on public keys. (Theoretically you *could* compute a fingerprint on a private key, but as far as I know that's never used in OpenPGP.) Even when GnuPG is displaying a private key (e.g. with the --list-secret-keys command), the fingerprint is the fingerprint of the corresponding public key. Damien signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
