Home Explore Help
Sign In
fphammerle
/
gpg-shadow-key-from-x509-cert-req
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

create 'shadowed-private-key' for gnupg's private-keys-v1.d folder
from a PEM-encoded RSA public key

verified result with
gpg (GnuPG) 2.1.18
libgcrypt 1.7.6
yubikey 4

$ date -Is | gpg --clearsign | gpg
gpg: using "8D2902FE7DF47DDEDA2802F9456B9A0399A5DA2F" as default secret key for signing
2018-03-31T21:45:18+02:00
gpg: Signature made Sam 31 Mär 2018 21:45:18 CEST
gpg: using RSA key 8D2902FE7DF47DDEDA2802F9456B9A0399A5DA2F
gpg: Good signature from "Fabian Peter Hammerle <fabian@hammerle.me>" [ultimate]
gpg: aka "Fabian Peter Hammerle <fabian.hammerle@gmail.com>" [ultimate]
gpg: aka "[jpeg image of size 12808]" [ultimate]

Fabian Peter Hammerle 7 years ago
commit
077e0810be
4 changed files with 47 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      .gitignore
  2. 44 0
      create-gpg-shadow-key-from-pub-key.py
  3. BIN
      reference/C2E04B00B3F087DB143B4BB6411813BA220ED4BA.key
  4. 1 0
      smartcard-app-id.hex

+ 2 - 0
.gitignore
View File 

@@ -0,0 +1,2 @@
 
+/gpg-key
 
+/pub.pem

+ 44 - 0
create-gpg-shadow-key-from-pub-key.py
View File 

@@ -0,0 +1,44 @@
 
+#!/usr/bin/env python3
 
+
 
+import cryptography.hazmat.backends
 
+import cryptography.hazmat.primitives.serialization
 
+import math
 
+import sys
 
+
 
+backend = cryptography.hazmat.backends.default_backend()
 
+
 
+with open('smartcard-app-id.hex', 'r') as f:
 
+    appid = int(f.read(), 16)
 
+
 
+with open('pub.pem', 'rb') as f:
 
+    pubkey = cryptography.hazmat.primitives.serialization.load_pem_public_key(
 
+        f.read(),
 
+        backend,
 
+    )
 
+
 
+pubnums = pubkey.public_numbers()
 
+
 
+key_data = ['shadowed-private-key', [
 
+    'rsa',
 
+    ['n', pubnums.n],
 
+    ['e', pubnums.e],
 
+    ['shadowed', 't1-v1', [appid, 'OPENPGP.1']],
 
+]]
 
+
 
+def convert(data):
 
+    if isinstance(data, int):
 
+        return convert(data.to_bytes(
 
+            math.ceil(data.bit_length() / 8),
 
+            'big',
 
+        ))
 
+    elif isinstance(data, str):
 
+        return convert(data.encode())
 
+    elif isinstance(data, bytes):
 
+        return str(len(data)).encode() + b':' + data
 
+    else:
 
+        return b'(' + b''.join(convert(i) for i in data) + b')'
 
+
 
+key = convert(key_data)
 
+
 
+with open('gpg-key', 'wb') as f:
 
+    f.write(key)

BIN
reference/C2E04B00B3F087DB143B4BB6411813BA220ED4BA.key
View File


+ 1 - 0
smartcard-app-id.hex
View File 

@@ -0,0 +1 @@
 
+D2760001240102010001234567890000