Page MenuHome GnuPG

--output-type raw inconsistent output
Closed, ResolvedPublic


To reproduce:

gpg2 --export-secret-keys [fpr] > first.bin
gpg2 --export-secret-keys [fpr] > second.bin
vbindiff first.bin second.bin
  • No operation on the secret key or otherwise between the first and second export-secret-key
  • Expected result: first.bin and second.bin are exactly the same, because the key exported has not changed
  • Actual result: the two files are different.

Maybe I am missing a feature of gpg2 and there is a good reason for the exported files to be different. In this case, is it possible to request the feature that if the key has not changed, the same is exported? use case: key exported for backup with paperkey and I want to verify the consistency of backup and output. Thanks.



Event Timeline

werner claimed this task.
werner edited projects, added gnupg, Support; removed Bug Report.
werner added a subscriber: werner.

That is expected. The export re-encrypts the secret parts to comply with the OpenPGP specs and this includes a salt andf IV and thus the output must be different.