I'm specifically asking in relation to this answer, where a user is trying to recreate the public key solely from the information in an OpenPGP smartcard (due to losing the public key):

https://stackoverflow.com/a/69903994/17503333

The answer states that you should be able to reconstruct the public key from the information retrieved from the gpg-connect-agent through gpg and Libgcrypt itself, but does not specify how:

Take the creation time from the KEY-TIME lines. I used /decode and /hex above only for readability. You should use

  > /datafile out
  > scd readkey OPENPGP.1
  OK
  > /bye

instead which writes the s-expression with the public key to the file out. The Libgcrypt functions take those s-expressions as arguments. Now you need to feed it to gpg to create the public key part and the self-signatures.

Is there any way to do this? There aren't any specific instructions online that specify what tools/functions within Libgcrypt and gpg to use to recreate the public key.

1 Answer

This may be done as follows (assuming all required data is returned by the readkey):

  • You should parse the s-exp and extract all key fields; this could be the guide: https://people.csail.mit.edu/rivest/sexp.html
  • Then you should build up OpenPGP's public key packet in a hex editor, using RFC 4880 as a guide, filling in all required fields.
  • Make sure you didn't make a mistake and the fingerprint is correct (using the RFC 4880 on 'how to calculate fingerprint' as a guide).
  • Add a self-signature for the key, using the smart card to sign and build up the signature packet.
  • Repeat the same for subkeys.
Nickolay Olshevsky
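
The first three steps of the answer above for an RSA key, as an added Python example that is not part of the original answer or of GnuPG's code. It assumes `scd readkey` wrote a canonical (length-prefixed) s-expression and that the creation time is the value from the KEY-TIME line; the function names and the sample key are constructed for illustration.

```python
import hashlib
import struct

def parse_canonical_sexp(data: bytes):
    def parse(pos):
        if data[pos:pos + 1] == b"(":
            items, pos = [], pos + 1
            while data[pos:pos + 1] != b")":
                if pos >= len(data):
                    raise ValueError("unterminated list")
                item, pos = parse(pos)
                items.append(item)
            return items, pos + 1
        colon = data.index(b":", pos)           # atom is "<decimal length>:<bytes>"
        end = colon + 1 + int(data[pos:colon])
        if end > len(data):
            raise ValueError("truncated atom")
        return data[colon + 1:end], end
    tree, end = parse(0)
    if end != len(data):
        raise ValueError("trailing data")
    return tree

def mpi(raw: bytes) -> bytes:
    """OpenPGP MPI: two-octet bit count, then the value without leading zeros."""
    value = int.from_bytes(raw, "big")  # also drops a leading 0x00 pad byte
    return struct.pack(">H", value.bit_length()) + value.to_bytes((value.bit_length() + 7) // 8, "big")

def rsa_public_key_body(sexp: bytes, created: int) -> bytes:
    tree = parse_canonical_sexp(sexp)
    if tree[0] != b"public-key" or tree[1][0] != b"rsa":
        raise ValueError("this example handles RSA public keys only")
    params = {name: value for name, value in tree[1][1:]}
    # RFC 4880 5.5.2: version 4, creation time, algorithm 1 (RSA), MPI n, MPI e
    return struct.pack(">BIB", 4, created, 1) + mpi(params[b"n"]) + mpi(params[b"e"])

def public_key_packet(body: bytes, subkey: bool = False) -> bytes:
    # Old-format header, two-octet length: tag 6 -> 0x99, tag 14 (subkey) -> 0xB9
    return bytes([0xB9 if subkey else 0x99]) + struct.pack(">H", len(body)) + body

def v4_fingerprint(body: bytes) -> str:
    # RFC 4880 12.2: SHA-1 over 0x99, two-octet length, body (same prefix for subkeys)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

# Constructed sample: a tiny 24-bit "modulus", not a real key; creation time is made up.
SAMPLE_SEXP = b"(10:public-key(3:rsa(1:n4:\x00\xc5\x3f\x01)(1:e3:\x01\x00\x01)))"
SAMPLE_CREATED = 1636000000

if __name__ == "__main__":
    print(v4_fingerprint(rsa_public_key_body(SAMPLE_SEXP, SAMPLE_CREATED)))
```

The computed fingerprint has to match the one the card reports for that key slot before the self-signature step is worth attempting; a mismatch usually means a wrong creation time or an MPI with a stray leading zero.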