Does paperkey work with only subkey (!) exports?

[Ciantic]

There was not an example of this, so I wondered does it work correctly if I export just a subkey (with exclamation mark at the end), e.g.:

# Notice the ! exclamation mark at the end of key, which exports just a subkey
gpg --export-secret-subkeys ABC123! | paperkey -o subkey.txt

I'm not familiar enough with the key format to judge this from the implementation.

[dmshaw]

Yes, this works correctly, with the obvious caveat that any subkey that isn't included in the paper backup of course can't be restored from the paper backup. Note that the --export-secret-subkeys command in GnuPG doesn't export only the specified subkey(s), but rather exports the primary key with the secret material removed (a stub) and then the specified subkey.

Basically, if you use paperkey as in your example, when restoring the paper backup, you'll get back the original output of gpg --export-secret-subkeys ABC123!. That is, a stub primary key followed by the chosen subkey.