
Kleopatra: Key text export should contain information about subkeys
Closed, Wontfix (Public)

Description

From a wish sent to me by mail:

The export key function doesn't include the sub-keys and what they are used for:

e.g.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: <generic configurable comment>
Comment: ======================================================
Comment: public key
Comment: User-ID: The UserID
Comment: <foo@bar.baz>
Comment: Validity: from 2016-05-31 until 2018-06-02
Comment: Fingerprint: A66C748781F7EC1A2EB01B9F8C7E94B7A0F546F5
Comment: ======================================================
Comment: Key-ID: 8C7E94B7A0F546F5
Comment: Certificate usage: Sign, Certify
Comment: Certificate type: RSA-bit 4096
Comment: ======================================================
Comment: Key-ID: 4A20D1492A4E8A7C
Comment: Certificate usage: Encrypt
Comment: Certificate type: 4096-bit RSA

mQINBFdNHpwBEACuQ9puoq8o1QuxwlAUYCedzRpaBIO/smgGo31QnPRjtCyBgFEE
4YdpWh9AOqGRjPf+ZJLDW43cqYT5+od82Z2ghuUqFx/iBPqaEqSpjln0Q5CuLQ6h
...

I somewhat agree with that wish. We are in "Technical Details" land there anyway and especially the subkey algos might be interesting.

Event Timeline

I've added this to libkleo formatting now. But seeing it and thinking more about it, I don't like it. As I think that the export is mostly for "You give this to others", information about the subkeys is too verbose. The current header should suffice as "some info for differentiating between keys".

Maybe we should add this as an option?

Patch to enable it in Kleo would just be:

diff --git a/src/dialogs/exportdialog.cpp b/src/dialogs/exportdialog.cpp
index 93638f7d..a497a941 100644
--- a/src/dialogs/exportdialog.cpp
+++ b/src/dialogs/exportdialog.cpp
@@ -100,12 +100,15 @@ static QString injectComments(const GpgME::Key &key, const QByteArray &data)
                                              Formatting::Subject |
                                              Formatting::ExpiryDates |
                                              Formatting::CertificateType |
-                                             Formatting::CertificateUsage);
+                                             Formatting::CertificateUsage |
+                                             Formatting::Subkeys);
 
     // Fixup the HTML coming from the toolTip for our own format.
     overView.remove(QLatin1String("<tr><th>"));
     overView.replace(QLatin1String("</th><td>"), "\t");
     overView.replace(QLatin1String("</td></tr>"), "\n");
+    overView.replace(QLatin1String("<hr/>"), QLatin1String(
+                "================================================================\n"));
     overView.remove(QLatin1String("<table border=\"0\">"));
     overView.remove(QLatin1String("\n</table>"));
     overView.replace(QLatin1String("&lt;"), "<");
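
Review bot: Formatting::Subkeys is OR'ed into the flag list unconditionally, right after Formatting::CertificateUsage, so every export that goes through injectComments gains one comment block per subkey with nothing in this hunk to switch it off. Consider passing the flag only when a setting or an export-dialog option asks for it, in line with the "add this as an option" idea raised above. In the fixup section, the new `<hr/>` replacement hard-codes a long run of '=' characters and wraps the replacement text in QLatin1String, while the neighbouring replace calls pass plain literals such as "\t"; a named constant for the separator and one consistent literal style would keep the block easier to maintain.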

The result for my key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User-ID:	Andre Heinecke <aheinecke@intevation.de>
Comment: a.k.a.:	Andre Heinecke <andre@heinecke.or.at>
Comment: a.k.a.:	Andre Heinecke <aheinecke@gnupg.org>
Comment: a.k.a.:	Andre Heinecke <andre.heinecke@intevation.de>
Comment: Created:	12/8/15 11:01 AM
Comment: Expires:	12/5/25 11:01 AM
Comment: Type:	3072-bit RSA (secret key available)
Comment: Usage:	Signing, Encryption, Certifying User-IDs, SSH Authentication
Comment: Fingerprint:	94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1
Comment: ================================================================
Comment: Subkey:	94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1
Comment: Created:	12/8/15 11:01 AM
Comment: Expires:	12/5/25 11:01 AM
Comment: Type:	3072-bit RSA
Comment: Usage:	Signing, Certifying User-IDs
Comment: ================================================================
Comment: Subkey:	29BBD11A777BAE2C2611C2916304A4B539CE444A
Comment: Created:	12/8/15 11:01 AM
Comment: Expires:	12/5/25 11:01 AM
Comment: Type:	3072-bit RSA
Comment: Usage:	SSH Authentication
Comment: ================================================================
Comment: Subkey:	E18955A9626007093BDC2ED28CC999BDAA45C71F
Comment: Created:	12/8/15 11:01 AM
Comment: Expires:	12/5/25 11:01 AM
Comment: Type:	3072-bit RSA
Comment: Usage:	Encryption
Comment: ================================================================
Comment: Subkey:	7093194AADBB8A2D14D3C9172978E9D40CBABA5C
Comment: Created:	2/13/17 4:06 PM
Comment: Expires:	1/1/70 1:00 AM
Comment: Type:	ed25519
Comment: Usage:	Signing
Comment: ================================================================
Comment: Subkey:	3FB3881264DFA26D1480E12A1FFE3151683260AB
Comment: Status:	Revoked
Comment: Created:	2/13/17 4:07 PM
Comment: Expires:	1/1/70 1:00 AM
Comment: Type:	cv25519
Comment: Usage:	Encryption
Comment: ================================================================
Comment: Subkey:	DA620BC2AEB38D67D94CCBA6DC74D901C8E2DD47
Comment: Created:	2/13/17 4:15 PM
Comment: Expires:	1/1/70 1:00 AM
Comment: Type:	ed25519
Comment: Usage:	SSH Authentication

mQGNBFZmqpUBDACGI+NCayfhevyjO2nsZrO7I6RNKsQlxW7OUL54fPuu/3VOATIx
4q4JAjFysDS1Zhq9m83dXNtUlpVHrGfPIG01pzLue5ye/4Nc/18cghM58Wp7qDvO
W9kF6FVatCoNTZH2UCnV42tw8pxaSmQLcF9kEvEbWG8G0L67ypxUj/ZzOYHccnh1
lLQw6mgXk4Xu/UGCNhnuMrgVQUNLamYtgED0hw+wjh1qji+Geyi9vFtXW5T8wnP9

I'm going for Wontfix here. It's just too verbose and I don't really see the point of that additional information.