Search code examples
gnupg

gpg how to store the pub and private keys, just like ssh

In ssh I can create a key pairs

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/simha/.ssh/id_rsa): /home/simha/.ssh/id_test

Now i can see pub key

$ cat id_test.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAOQtlWF/GIo21VjtC4x4c480oz4GDpWzYOGAD2HNeUft4dydo5V9coPQpnzz5/kOtcQEzFo+kpyQ4TK0Wm5MiaC3EvRmteJlZI4fXW9x/EkFEcM9v0VUGZisidpoLQIJmXPai2VOSE8Jf7ZZ7Xc71xTaYNCCuZc= xxxx@yyyyy

and also the private key

$ cat id_test
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA5lETR8hIYbpsYdlXNwLlLEUSomwvLQZ37+5IMdsUe7Aomd6KmWSj
0Pb/Hsu7EgLIG4xF9X1S+fNALCbeQCNrjO0mmrZ9RfafAX5QxEoe/Bp/cNtztP27PQn69n
R4uYNQ3lro6wibr3WnO+gXeATAfVF9I1JZDxYuLh2wFyExE3Z8Uaz6iTwlBPFqIKBDunD6
sIm691pzvoF3gEwH1RfSNSWQ8WLi4dsBchMRN2fFGs+ok8JQTxaiCgQ7pw+qyapisEpAFJ
ZKVHKtvwPiZEEpf9CbU+nVOcE6L38hyYwaN+c9HwQYTXBdxHmPyMKZzSzJmn6ZI4EQWPMr
ftqNG/ZGwLaRILHNyGlr41ar3QHSrqJ9XljHUHlWKjXA1UdPXt5LNplSyosD8BYJIYmX0v
/VPO3i/UMLAM5C2VYX8YijbVWO0LjHhzjzSjPgYOlbNg4YAPYc15R+3h3J2jlX1yg9CmfP
Pn+Q61xATMWj6SnJDhMrRabkyJoLcS9Ga14mVkjh9db3H8SQURwz2/RVQZmKyJ2mgtAgmZ
c9qLZU5ITwl/tlntdzvXFNpg0IK5lwAAAAMBAAEAAAGAam1Uh3sZV2+Z3a1dC+Kem9JfRg
bP1fKDQa/OVJtz36QLXu7jBPbobAt24HgsPapjZbdwLHx4919cbAqZ8PFtJXYAvMVPJiFM
YJhKIipOHxjvguslkKEfAJm4CmLP1onDuLwxnUohBvdLC/e3wJIRkNczCDtpQ/tv44d8c3
O3BdNepy9Tpk7QnHQiImlsYp8KdvAPkRlX3/BWPbmhKHjffzc9kFYxQjto39XjjQ8eJfDA
qhgo1P48iHIEF0JOg4UQZSd32NoVBFt3XwDkvMzGZ1MTu0xrsG0puV4EfmunmBvwGF9naV
MNAkfquikbozieNzI98vLDbj+7USnWfQvbkSmqvXZ1qi2okNa1flCiLhDYa0VcBOX1yI4c
W0p2k0+4rQaUo1tLjWZ/agntidiUYU+V+7Ruz5tENJ4Rj7Zo8ydNx9GWn6yl6IocinQOxB
6J9ivooA/QrhPNYO/BztiIHZ3bVBjfFMYxrJhRLxs5LlVVfjtobevUWdMroGVvf0bhAAAA
wH3UUoQY5vFTNZthMP97963mJ/QgWYmOCEPr18xsQ5gAJLdW0W4FA/Eh8rt
-----END OPENSSH PRIVATE KEY-----

So these are simple texts, I can store these whereever I want and later use them as pairs.

Similarly in gpg, how Can i do this

I generate the key

gpg --gen-key

Now how to get the private key and public key and fingerprint to store them as texts somewhere so that i can use them

Because my plan is I am creating a software, for which the user will be provided an encrpted text message as license. This message contains the expiry date.

So in my sotfware i will store the private key and then decrypt the message and check the expiry date.

So for that i need to store the private key as string in the software somewhere.

Solution

  • You should use gpg --armor --export keyid, where --armor tells to wrap key so it may be transferred in text, and keyid is identifier of your key.

    However,

    • you need to use some OpenPGP library (or be dependent from GnuPG executable) to decrypt that message, which could bring complications
    • textual representation may be easily searched through your application's binary, so user would be able to extract secret key and use it to encrypt modified license file (public key is derived from the secret one).

    So probably you'd better consider some other sort of protection, like plain encryption + digital signature, which requiress public key to verify.