Open ronaldtse opened 7 years ago
@catap this issue is for the extraction of the key storage interface.
Preferably it should be FFI-friendly/accessible (#64).
@ronaldtse @dewyatt I think we abstracted out keyring saving/loading functionality enough?
GnuPG 2.1 now uses the `.kbx` format for key storage instead of the previous `.gpg` keyring.

In any case, the `.gpg` keyring format is not defined in RFC 4880, but is a GnuPG-proprietary format that uses an OpenPGP message to store keys together with "Trust Packet"s. Normal OpenPGP messages do not have the "Trust Packet" (Tag 12), and the "Trust Packet"s are not exported. The contents of the "Trust Packet" are also implementation-specific as defined in RFC 4880.

Given that GnuPG now uses a different `.kbx` format, it would be beneficial to have a general interface to manipulate stored keys.

We should abstract out keyring manipulation code into generic primitives such as:

- `keystore_save_key(keystore, key)`
- `keystore_load_key_by_fpr`
- `keystore_load_key_by_key_id`
- `keystore_load_key_by_user_id`
- `keystore_trust_key`
- etc.

And bridge them to the specific "GnuPG keyring" or "GnuPG kbx" implementations.
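
A sketch of the abstraction proposed in this issue, added here as an illustration and not code from the project: the primitive names come from the list above, while `ks_key`, `keystore_ops`, the signatures and the in-memory backend are assumptions. A real `.gpg` keyring or `.kbx` backend would supply its own ops table behind the same primitives.

```c
#include <stdint.h>
#include <string.h>

#define FPR_LEN 20  /* V4 fingerprint: 160-bit SHA-1 (RFC 4880, 12.2) */
#define KEYID_LEN 8 /* V4 key ID: low-order 64 bits of the fingerprint */
/* Hypothetical key record; user_id is borrowed, not copied. */
typedef struct { uint8_t fpr[FPR_LEN]; const char *user_id; int trust; } ks_key;
typedef int (*ks_match)(const ks_key *key, const void *arg);
/* One ops table per storage format (.gpg keyring, .kbx, ...). */
typedef struct keystore keystore;
typedef struct {
    int (*save)(keystore *ks, const ks_key *key);
    ks_key *(*find)(keystore *ks, ks_match match, const void *arg);
} keystore_ops;
struct keystore { const keystore_ops *ops; void *impl; };

static int by_fpr(const ks_key *k, const void *a) { return !memcmp(k->fpr, a, FPR_LEN); }
static int by_key_id(const ks_key *k, const void *a) { return !memcmp(k->fpr + FPR_LEN - KEYID_LEN, a, KEYID_LEN); }
static int by_user_id(const ks_key *k, const void *a) { return !strcmp(k->user_id, a); }

/* Generic primitives from the issue: callers never see the on-disk format. */
int keystore_save_key(keystore *ks, const ks_key *key) { return ks->ops->save(ks, key); }
ks_key *keystore_load_key_by_fpr(keystore *ks, const uint8_t *fpr) { return ks->ops->find(ks, by_fpr, fpr); }
ks_key *keystore_load_key_by_key_id(keystore *ks, const uint8_t *id) { return ks->ops->find(ks, by_key_id, id); }
ks_key *keystore_load_key_by_user_id(keystore *ks, const char *uid) { return ks->ops->find(ks, by_user_id, uid); }
int keystore_trust_key(keystore *ks, const uint8_t *fpr, int trust) {
    ks_key *k = keystore_load_key_by_fpr(ks, fpr);
    if (!k) return -1;
    k->trust = trust; /* local to this store, as Trust Packets are in a .gpg keyring */
    return 0;
}

/* In-memory backend standing in for a real keyring or kbx backend. */
typedef struct { ks_key keys[16]; size_t count; } mem_store;
static ks_key *mem_find(keystore *ks, ks_match match, const void *arg) {
    mem_store *m = ks->impl;
    for (size_t i = 0; i < m->count; i++)
        if (match(&m->keys[i], arg)) return &m->keys[i];
    return NULL;
}
static int mem_save(keystore *ks, const ks_key *key) {
    mem_store *m = ks->impl;
    ks_key *old = mem_find(ks, by_fpr, key->fpr);
    if (old) { old->user_id = key->user_id; return 0; } /* assumption: re-save keeps trust */
    if (m->count == sizeof m->keys / sizeof m->keys[0]) return -1;
    m->keys[m->count++] = *key;
    return 0;
}
const keystore_ops mem_keystore_ops = { mem_save, mem_find };
```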