Error: unable to parse OpenPGP packets

cmoulliard commented 3 years ago

Issue

When we execute the following gpg and pakerkey command, then the error unable to parse OpenPGP packets is reported

gpg  -a --export-secret-key 4BD5F787F27F97744BC09E019C1CA69653E98E56 | paperkey --output paperkey.asc
Error: unable to parse OpenPGP packets (is this armored data?)
Unable to find secret key packet

key info

gpg --list-packets private.pgp
# off=0 ctb=95 tag=5 hlen=3 plen=1862
:secret key packet:
    version 4, algo 1, created 1550087793, expires 0
    pkey[0]: [4096 bits]
    pkey[1]: [17 bits]
    iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 1A9F0DA34A68F761
    protect count: 41943040 (244)
    protect IV:  14 87 a6 d5 db b7 fe d8 97 8a 8f 7f 90 60 18 38
    skey[2]: [v4 protected]
    keyid: 9C1CA69653E98E56
# off=1865 ctb=b4 tag=13 hlen=2 plen=39
:user ID packet: "Charles Moulliard <cmoullia@redhat.com>"
# off=1906 ctb=89 tag=2 hlen=3 plen=596
:signature packet: algo 1, keyid 9C1CA69653E98E56
    version 4, created 1613457473, md5len 0, sigclass 0x13
    digest algo 8, begin of digest 81 d5
    hashed subpkt 27 len 1 (key flags: 03)
    hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
    hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
    hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
    hashed subpkt 30 len 1 (features: 01)
    hashed subpkt 23 len 1 (keyserver preferences: 80)
    hashed subpkt 33 len 21 (issuer fpr v4 4BD5F787F27F97744BC09E019C1CA69653E98E56)
    hashed subpkt 2 len 4 (sig created 2021-02-16)
    hashed subpkt 9 len 4 (key expires after 6y4d10h41m)
    subpkt 16 len 8 (issuer key ID 9C1CA69653E98E56)
    data: [4096 bits]
# off=2505 ctb=9d tag=7 hlen=3 plen=1862
:secret sub key packet:
    version 4, algo 1, created 1550087793, expires 0
    pkey[0]: [4096 bits]
    pkey[1]: [17 bits]
    iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: A41EE4FEEFFBB304
    protect count: 41943040 (244)
    protect IV:  f4 b0 40 f9 dc d4 64 7f ab 88 4f 37 57 82 a5 2c
    skey[2]: [v4 protected]
    keyid: B6864CCACED21250
# off=4370 ctb=89 tag=2 hlen=3 plen=572
:signature packet: algo 1, keyid 9C1CA69653E98E56
    version 4, created 1613457515, md5len 0, sigclass 0x18
    digest algo 8, begin of digest 18 a7
    hashed subpkt 27 len 1 (key flags: 0C)
    hashed subpkt 33 len 21 (issuer fpr v4 4BD5F787F27F97744BC09E019C1CA69653E98E56)
    hashed subpkt 2 len 4 (sig created 2021-02-16)
    hashed subpkt 9 len 4 (key expires after 6y4d10h41m)
    subpkt 16 len 8 (issuer key ID 9C1CA69653E98E56)
    data: [4095 bits]

Versions

paperkey: 1.6
gpg: 2.2.27
OS: Mac

dmshaw commented 3 years ago

Hi, this isn't a bug - in fact, the error message points to the problem. The GPG command line in the example has "-a" in it, also known as --armor (or even --armour), a base64-ish transformation of the OpenPGP packets.

Paperkey works on binary (non-armored) packets, so if you remove the "-a" from GPG, this should work properly for you.

Good luck!

cmoulliard commented 3 years ago

Many thanks :-) That works now

dmshaw / paperkey