--output-type raw inconsistent output
Closed, Resolved, Public

Description

To reproduce:

gpg2 --export-secret-keys [fpr] > first.bin
gpg2 --export-secret-keys [fpr] > second.bin
vbindiff first.bin second.bin
  • No operation on the secret key or otherwise between the first and second export-secret-key
  • Expected result: first.bin and second.bin are exactly the same, because the key exported has not changed
  • Actual result: the two files are different.

Maybe I am missing a feature of gpg2 and there is a good reason for the exported files to be different. In this case, is it possible to request the feature that if the key has not changed, the same is exported? Use case: key exported for backup with paperkey and I want to verify the consistency of backup and output. Thanks.

Details

Version
2.2.4

Event Timeline

werner claimed this task.
werner edited projects, added gnupg, Support; removed Bug Report.
werner added a subscriber: werner.

That is expected. The export re-encrypts the secret parts to comply with the OpenPGP specs and this includes a salt and IV and thus the output must be different.
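
Because the salt, IV and ciphertext change on every export, a byte-for-byte diff cannot confirm that two exports hold the same key, but the public portion of each secret key packet, and therefore its v4 fingerprint, stays fixed. The Python sketch below is an added example, not part of the original thread or of GnuPG: it computes the fingerprint of every secret key and subkey packet in an export and demonstrates this on a constructed RSA-shaped packet (`sample_export` is hypothetical test data, not a real key). It assumes v4 RSA, Elgamal or DSA keys and does not verify the secret material itself.

```python
import hashlib
import os

MPI_COUNT = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}  # public MPIs: RSA, Elgamal, DSA

def packets(data):
    """Yield (tag, body) for each definite-length OpenPGP packet (RFC 4880, 4.2)."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if hdr & 0x40:  # new-format header
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                n = first
            elif first < 224:
                n, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                n, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body lengths not handled")
        else:  # old-format header: low two bits select the length field size
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if size == 8:
                raise ValueError("indeterminate length not handled")
            n, i = int.from_bytes(data[i:i + size], "big"), i + size
        yield tag, data[i:i + n]
        i += n

def public_part(body):
    """Return the public-key prefix of a v4 secret-key packet body."""
    if body[0] != 4 or body[5] not in MPI_COUNT:
        raise ValueError("only v4 RSA/Elgamal/DSA keys handled here")
    pos = 6  # version (1) + creation time (4) + algorithm (1)
    for _ in range(MPI_COUNT[body[5]]):
        pos += 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8
    return body[:pos]

def fingerprints(export):
    """v4 fingerprints of all secret key (tag 5) and subkey (tag 7) packets."""
    pubs = [public_part(b) for t, b in packets(export) if t in (5, 7)]
    return [hashlib.sha1(b"\x99" + len(p).to_bytes(2, "big") + p).hexdigest().upper()
            for p in pubs]

def sample_export():
    """Constructed packet: fixed public part, fresh S2K salt, IV and ciphertext."""
    pub = b"\x04" + bytes(4) + b"\x01" + b"\x00\x10\xc3\x51" + b"\x00\x11\x01\x00\x01"
    s2k = b"\xfe\x09\x03\x02" + os.urandom(8) + b"\xff" + os.urandom(16)
    body = pub + s2k + os.urandom(20)  # stand-in for the encrypted secret MPIs
    return bytes([0x94, len(body)]) + body  # old-format header, tag 5
```

For real files, pass the bytes of `first.bin` and `second.bin` to `fingerprints()` and compare the two lists instead of diffing the files.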