我收到了一个公钥,开始于
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Desktop 10.2.1 (Build 5033)
当我--import它时,我得到(一些字段替换为x)
gpg: key CC49xxxxxxxxxxxx: 1 signature not checked due to a missing key
gpg: key CC49xxxxxxxxxxxx: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1
当我--list-packets这样做时,我得到了
# off=0 ctb=99 tag=6 hlen=3 plen=269
:public key packet:
version 4, algo 1, created 1570xxxxxx, expires 0
pkey[0]: [2048 bits]
pkey[1]: [17 bits]
keyid: CC49xxxxxxxxxxxx
# off=272 ctb=b4 tag=13 hlen=2 plen=47
:user ID packet: "xxxxxx xxxxxxx<[email protected]>"
# off=321 ctb=89 tag=2 hlen=3 plen=1705
:signature packet: algo 100, keyid 0000000000000000
version 4, created 1570xxxxxx, md5len 0, sigclass 0x10
digest algo 8, begin of digest 00 00
hashed subpkt 2 len 4 (sig created 2019-xx-xx)
hashed subpkt 3 len 4 (sig expires after 3y0d0h0m)
hashed subpkt 27 len 1 (key flags: 0C)
hashed subpkt 100 len 1674 (experimental / private subpacket)
unknown algorithm 100
我正在运行 GnuPG 2.2.27 和 libgcrypt 1.8.7。
我知道这algo 100是某种专有扩展,也许是偷偷藏有 X.509 证书。
有没有办法规范化公钥,以便我可以导入它,而无需打扰我的通讯员(例如,提供用我的私钥制作的签名来验证用户 ID)?这样可以加密吗?可以检查签名吗?