如何从 gpg 密钥获取到期日期
How to get expiration date from a gpg key
下面是 gpg --armor --export heinrichh@duesseldorf.de 生成的导出的 public gpg 密钥(电子邮件来自 gpg man ;))
如何从该密钥获取到期日期?是否有可用的开放项目或我可以使用的功能?
我知道我可以执行 gpg --list-keys 搜索 heinrichh@duesseldorf.de 但我的问题是我得到了以下格式的密钥,我需要在该数据中提取此信息。
我已经使用基于 gpg rfc 规范的逆向工程从中读取了用户名,但这次我宁愿寻找比 'home made' 方法更好的方法。
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (SunOS)
mQGiBFqNy1sRBADnegXzBpsnDgSudhj5S4+Lv0rwHHcJDg0nxHPf2KaefXnytzhm
tf/43xQaaPUpIg2UMV2qhdA9qczMlqe6llz7sQbi4v0QTuOPSx2EcKb364TcsG5K
RO180ghq0RmeK+EDfCn8i5aPfGucaPXpUJ9ZaRaJmEWlv57eymPEW+FAVwCgmATR
w4bcPZWyUMaO/MsB4+IA1zkEALB60PN8sA1mFyf0z9mlXYoP/T68pAHFMWd+NNcB
K7+BmHZEhTUEUwB1pfO/s6AurSCAFHUmhM2S9VBkci+EuyFVCkorZbbjCdZ3Nim5
KojcIL319mbYNyfzVkxLLbrHaSvax7xmyLY7HfXEYyJskR6fk4zB7er4VKDIh1gZ
G9T/A/9j1FslL0sBZ2YfcDVWpfofoX2hxW9Y0ihxHGpVtwcOd90RFXEt1jjDP2O2
iPkseTpxT2bG9qGK89YymKZjNnXKxZoYG0Y1peiHL4dX4EeEkGS72MWLwCUupuxh
w4MzH7mgtAV4UxXm2WjomWX8aZqJ5YQ4Cnxs0f6zcDnTSj8DvLQwSGVpbnJpY2gg
SGVpbmUgKHRlc3QpIDxoZWlucmljaGhAZHVlc3NlbGRvcmYuZGU+iGUEExECACUF
AlqNy1sCGwMFCQABUYAGCwkIBwMCBBUCCAMDFgIBAh4BAheAAAoJECAy3dUnZnUw
6BUAn1ikxbVvcJ6vaARftyK/Uw6Zw9WKAJwPgbcy02HMvtjQCaCtusLl12ZdLLkC
DQRajctbEAgA1YU+9LWaSdInlCMaF639qaE8bv3JK2DbNj/0v+QwmQT81Jp6U37j
XbU+zA85nw96zwjBDz9ACg3jtQlrbg7e+ooJQMzCVYkkIJH8mkQi8JYswLFFaKRp
dJy43Gyx+ehbOT5FGfeX8VoAbuDhBJKtssmH/EEz9hYLLLZ8me88onnNOWCAAWF+
bOJSemRMppY5f9nQwUMk7uG5yv9Wk/E98w+evow10bhWs3cyCxvT6IHQSGS0m+iC
vCDhaSRy+cRf+GRqy/LyUb4z7Q4TZRrcE/X3xY7FW8/iNSlkv5oMjpFoaYBpSzkE
vdXsdOJQVZHnefkUDXTMl7OPWX9RyX1CbwADBQgAh+Bsn7lin/z8WIDIwlo7B7ag
p8YzFeJqsyPxP2I9a36mVrHOopXHotMMCPBF9lm227vXwB+z8fKoujzd9himVspo
fMA5GGvPHEya4ldha+3ChJTNgErZfkczzbcoP6YLmxI+kfW/OwjTq0Ivi0afhChR
vhb/N+hXoVcGm9ciA9xnoGE0+hZpzf5iF/SiL/T4wkCQy68PoCHxzrxWAnaqqldV
nYBEG5mUzrvqYb2iKWf24qt34og5GV4mrlNPSuvj7faE1BQe5JgEIhr8TS9Secnc
qQGJPh/+afK4Y8kl4CvQq3/BQddoFKgZdmUgaIBZN/fDqWwGfWLVx0mWXQgEbIhP
BBgRAgAPBQJajctbAhsMBQkAAVGAAAoJECAy3dUnZnUwNIwAn3+A5rGyGNZBD5qT
FgSoVvy7JcRLAKCX9sgU2by9pKxTmyZXvaUrEwGwXw==
=Ojdl
-----END PGP PUBLIC KEY BLOCK-----
看起来我可以将其通过管道传输到 gpg --list-packets 并检查(请参阅末尾的编辑以获得更好的解决方案):
"created" 值(这里是 1519242075 -> 2 月 21 日星期三 14:41:15 EST 2018)- 或
"sig created"(这里是2018-02-21)
"key expires after"(这里是1d0h0m)
注意 - 如果密钥未过期,则不会列出 "key expires after" 字段。
#> gpg -a --export "Heinrich Heine" | gpg --list-packets
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
:public key packet:
version 4, algo 17, created 1519242075, expires 0
pkey[0]: [1024 bits]
pkey[1]: [160 bits]
pkey[2]: [1024 bits]
pkey[3]: [1023 bits]
:user ID packet: "Heinrich Heine (test) <heinrichh@duesseldorf.de>"
:signature packet: algo 17, keyid 2032DDD527667530
version 4, created 1519242075, md5len 0, sigclass 0x13
digest algo 2, begin of digest e8 15
hashed subpkt 2 len 4 (sig created 2018-02-21)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 9 len 4 (key expires after 1d0h0m)
hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
hashed subpkt 21 len 3 (pref-hash-algos: 2 8 3)
hashed subpkt 22 len 2 (pref-zip-algos: 2 1)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
subpkt 16 len 8 (issuer key ID 2032DDD527667530)
data: [159 bits]
data: [156 bits]
:public sub key packet:
version 4, algo 16, created 1519242075, expires 0
pkey[0]: [2048 bits]
pkey[1]: [3 bits]
pkey[2]: [2048 bits]
:signature packet: algo 17, keyid 2032DDD527667530
version 4, created 1519242075, md5len 0, sigclass 0x18
digest algo 2, begin of digest 34 8c
hashed subpkt 2 len 4 (sig created 2018-02-21)
hashed subpkt 27 len 1 (key flags: 0C)
hashed subpkt 9 len 4 (key expires after 1d0h0m)
subpkt 16 len 8 (issuer key ID 2032DDD527667530)
data: [159 bits]
data: [160 bits]
甚至有一种 "better" 方法可以让 gpg 分析到期日期。
只是 运行:
gpg --with-colons file.pub
有关输出的解释,请参阅此站点
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS
编辑:
使用 gpg --with-colon --fixed-list-mode 以避免 2038 年问题。
查看更多:
我遇到了同样的问题,gpg --show-keys 做了我需要的:
gpg --show-keys tmp.pub
pub dsa1024 2018-02-21 [SC] [expired: 2018-02-22]
5CA8E044DC5C0AA51F29C2072032DDD527667530
uid Heinrich Heine (test) <heinrichh@duesseldorf.de>
sub elg2048 2018-02-21 [E] [expired: 2018-02-22]
下面是 gpg --armor --export heinrichh@duesseldorf.de 生成的导出的 public gpg 密钥(电子邮件来自 gpg man ;))
如何从该密钥获取到期日期?是否有可用的开放项目或我可以使用的功能?
我知道我可以执行 gpg --list-keys 搜索 heinrichh@duesseldorf.de 但我的问题是我得到了以下格式的密钥,我需要在该数据中提取此信息。
我已经使用基于 gpg rfc 规范的逆向工程从中读取了用户名,但这次我宁愿寻找比 'home made' 方法更好的方法。
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (SunOS)
mQGiBFqNy1sRBADnegXzBpsnDgSudhj5S4+Lv0rwHHcJDg0nxHPf2KaefXnytzhm
tf/43xQaaPUpIg2UMV2qhdA9qczMlqe6llz7sQbi4v0QTuOPSx2EcKb364TcsG5K
RO180ghq0RmeK+EDfCn8i5aPfGucaPXpUJ9ZaRaJmEWlv57eymPEW+FAVwCgmATR
w4bcPZWyUMaO/MsB4+IA1zkEALB60PN8sA1mFyf0z9mlXYoP/T68pAHFMWd+NNcB
K7+BmHZEhTUEUwB1pfO/s6AurSCAFHUmhM2S9VBkci+EuyFVCkorZbbjCdZ3Nim5
KojcIL319mbYNyfzVkxLLbrHaSvax7xmyLY7HfXEYyJskR6fk4zB7er4VKDIh1gZ
G9T/A/9j1FslL0sBZ2YfcDVWpfofoX2hxW9Y0ihxHGpVtwcOd90RFXEt1jjDP2O2
iPkseTpxT2bG9qGK89YymKZjNnXKxZoYG0Y1peiHL4dX4EeEkGS72MWLwCUupuxh
w4MzH7mgtAV4UxXm2WjomWX8aZqJ5YQ4Cnxs0f6zcDnTSj8DvLQwSGVpbnJpY2gg
SGVpbmUgKHRlc3QpIDxoZWlucmljaGhAZHVlc3NlbGRvcmYuZGU+iGUEExECACUF
AlqNy1sCGwMFCQABUYAGCwkIBwMCBBUCCAMDFgIBAh4BAheAAAoJECAy3dUnZnUw
6BUAn1ikxbVvcJ6vaARftyK/Uw6Zw9WKAJwPgbcy02HMvtjQCaCtusLl12ZdLLkC
DQRajctbEAgA1YU+9LWaSdInlCMaF639qaE8bv3JK2DbNj/0v+QwmQT81Jp6U37j
XbU+zA85nw96zwjBDz9ACg3jtQlrbg7e+ooJQMzCVYkkIJH8mkQi8JYswLFFaKRp
dJy43Gyx+ehbOT5FGfeX8VoAbuDhBJKtssmH/EEz9hYLLLZ8me88onnNOWCAAWF+
bOJSemRMppY5f9nQwUMk7uG5yv9Wk/E98w+evow10bhWs3cyCxvT6IHQSGS0m+iC
vCDhaSRy+cRf+GRqy/LyUb4z7Q4TZRrcE/X3xY7FW8/iNSlkv5oMjpFoaYBpSzkE
vdXsdOJQVZHnefkUDXTMl7OPWX9RyX1CbwADBQgAh+Bsn7lin/z8WIDIwlo7B7ag
p8YzFeJqsyPxP2I9a36mVrHOopXHotMMCPBF9lm227vXwB+z8fKoujzd9himVspo
fMA5GGvPHEya4ldha+3ChJTNgErZfkczzbcoP6YLmxI+kfW/OwjTq0Ivi0afhChR
vhb/N+hXoVcGm9ciA9xnoGE0+hZpzf5iF/SiL/T4wkCQy68PoCHxzrxWAnaqqldV
nYBEG5mUzrvqYb2iKWf24qt34og5GV4mrlNPSuvj7faE1BQe5JgEIhr8TS9Secnc
qQGJPh/+afK4Y8kl4CvQq3/BQddoFKgZdmUgaIBZN/fDqWwGfWLVx0mWXQgEbIhP
BBgRAgAPBQJajctbAhsMBQkAAVGAAAoJECAy3dUnZnUwNIwAn3+A5rGyGNZBD5qT
FgSoVvy7JcRLAKCX9sgU2by9pKxTmyZXvaUrEwGwXw==
=Ojdl
-----END PGP PUBLIC KEY BLOCK-----
看起来我可以将其通过管道传输到 gpg --list-packets 并检查(请参阅末尾的编辑以获得更好的解决方案):
"created"值(这里是 1519242075 -> 2 月 21 日星期三 14:41:15 EST 2018)- 或
"sig created"(这里是2018-02-21) "key expires after"(这里是1d0h0m)
注意 - 如果密钥未过期,则不会列出 "key expires after" 字段。
#> gpg -a --export "Heinrich Heine" | gpg --list-packets
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
:public key packet:
version 4, algo 17, created 1519242075, expires 0
pkey[0]: [1024 bits]
pkey[1]: [160 bits]
pkey[2]: [1024 bits]
pkey[3]: [1023 bits]
:user ID packet: "Heinrich Heine (test) <heinrichh@duesseldorf.de>"
:signature packet: algo 17, keyid 2032DDD527667530
version 4, created 1519242075, md5len 0, sigclass 0x13
digest algo 2, begin of digest e8 15
hashed subpkt 2 len 4 (sig created 2018-02-21)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 9 len 4 (key expires after 1d0h0m)
hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
hashed subpkt 21 len 3 (pref-hash-algos: 2 8 3)
hashed subpkt 22 len 2 (pref-zip-algos: 2 1)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
subpkt 16 len 8 (issuer key ID 2032DDD527667530)
data: [159 bits]
data: [156 bits]
:public sub key packet:
version 4, algo 16, created 1519242075, expires 0
pkey[0]: [2048 bits]
pkey[1]: [3 bits]
pkey[2]: [2048 bits]
:signature packet: algo 17, keyid 2032DDD527667530
version 4, created 1519242075, md5len 0, sigclass 0x18
digest algo 2, begin of digest 34 8c
hashed subpkt 2 len 4 (sig created 2018-02-21)
hashed subpkt 27 len 1 (key flags: 0C)
hashed subpkt 9 len 4 (key expires after 1d0h0m)
subpkt 16 len 8 (issuer key ID 2032DDD527667530)
data: [159 bits]
data: [160 bits]
甚至有一种 "better" 方法可以让 gpg 分析到期日期。 只是 运行:
gpg --with-colons file.pub
有关输出的解释,请参阅此站点
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS
编辑:
使用 gpg --with-colon --fixed-list-mode 以避免 2038 年问题。
查看更多:
我遇到了同样的问题,gpg --show-keys 做了我需要的:
gpg --show-keys tmp.pub
pub dsa1024 2018-02-21 [SC] [expired: 2018-02-22]
5CA8E044DC5C0AA51F29C2072032DDD527667530
uid Heinrich Heine (test) <heinrichh@duesseldorf.de>
sub elg2048 2018-02-21 [E] [expired: 2018-02-22]