Mailing List Archive

What are the file in ~/.gnupg ?
Hi,

I'm sorry for this beginner question but I could not find answers on the
web nor the manpage nor the doc of gpg, even though it is a quite
general question :

What are the files in gnupg homedir ?
I could not find a complete listing so I'm writing what I know and do
not know here. If you know more than me can you fill in the blanks ? :)

dirmngr.conf :
configuration for dirmngr (keyserver access)

gpg-agent.conf
configuration for gpg-agent (key caching and key access by other
apps)

gpg.conf
conf for the gpg command line utility

crls.d/DIR.txt
????

openpgp-revocs.d/
folder to store revocs certificates (for my own keys ?) (only
for issued certificates or should I store certificates in this
waiting for the moment my keys are compromised ?)

private-keys-v1.d/
folder with private keys files, named after key or subkey keygrip
Is there only the private key part of my own keys in this ? or
is there a way to obtain public+private key from one of those
files ?

pubring.kbx
"database" of where the public keys are. (yours from your
own keys, and other people's public keys too.)

random_seed
state of the random number generator

sshcontrol
list of keys with (A) capabilities (authentication) which will be
used as ssh key by the gpg-agent. (by keygrip)

tofu.db
is an sqlite database and means Trust On First Use. But what does
it mean and what does it contain ?

trustdb.gpg
the "trust database" which seems to be useful for web of trust.
The doc says to not backup this file. Why, and what does it
contain, and what is it for ?


any help is welcome, and if I miss this information in the docs feel
free to point me to the right manual sections.

Aeredren
Re: What are the file in ~/.gnupg ?
Hi,

On Fri, Oct 29, 2021 at 04:04:11PM +0200, Romain LT via Gnupg-users wrote:
>dirmngr.conf :
> configuration for dirmngr (keyserver access)

Dirmngr is also used for fetching the Certificate Revocation Lists
(CRLs), if you’re using GpgSM (the X.509/SMIME part of GnuPG).


>crls.d/DIR.txt
> ????

This is where dirmngr stores the aforementioned CRLs. The DIR.txt file
acts as a kind of index for the CRLs that are cached in that folder. It
is normal for that folder to be empty (save for the DIR.txt file) if you
don’t use GpgSM.


>openpgp-revocs.d/
> folder to store revocs certificates (for my own keys ?)

Yes. This is where Gpg writes out the revocation certificate it
automatically generates upon creating a new key.


> should I store certificates in this waiting for the moment my keys are
> compromised ?)

That is ultimately dependent on your threat model. Keep in mind that,
contrary to your private key, the revocation certificate is *not*
passphrase-protected (whoever manages to grab it can use it to revoke
your key without needing anything else). That may be reason enough to
want to move it offline, elsewhere than on your computer, instead of
leaving it in the openpgp-revocs.d folder.


>private-keys-v1.d/
> folder with private keys files, named after key or subkey keygrip
> Is there only the private key part of my own keys in this ? or
> is there a way to obtain public+private key from one of those
> files ?

Private key only. I believe the purely “mathematical” components of the
public key can be derived from it (though I may be wrong here), but that
does not include the User IDs and associated signatures, that are
necessary to make a ”full” public key – those components are in
pubring.kbx.


>tofu.db
> is an sqlite database and means Trust On First Use. But what does
> it mean and what does it contain ?

TOFU is a new (or not so new anymore, it was introduced in 2015 or
so) trust model, that can either replace the web of trust or be used in
combination with the web of trust.

The TOFU database is what allows GnuPG to keep track of which email
address a given key is associated with, so that it can detect any future
mismatch (which could be a sign that a MITM attack is under way).

>
>trustdb.gpg
> the "trust database" which seems to be useful for web of trust.
> The doc says to not backup this file. Why, and what does it
> contain, and what is it for ?

This is indeed the database for the web of trust. It contains the
ownertrust value you assigned to the public keys of your keyring. (The
“ownertrust value” is when you state how much you trust the owner of a
key to sign other people’s keys.) In the web-of-trust model, GnuPG uses
the ownertrust values combined with key signatures to decide whether a
public key in your keyring is valid.

Those values should be backed up (unless you don’t mind manually
re-assigning ownertrust values for all the keys you trust if you come to
lose the trustdb.gpg file). The current manual page says:

There is no need to backup this file; it is better to backup the
ownertrust values (see option --export-ownertrust).

This is not intended to mean the trustdb.gpg file is worthless, merely
that its contents should be backed up using the --export-ownertrust
command instead of simply doing a file-level backup:

gpg --export-ownertrust > ownertrust.backup
# to restore
gpg --import-ownertrust < ownertrust.backup


Hope that helps,

- Damien
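
A check built from the points in the reply above (an added example, not part of the original message and not GnuPG code): it flags key material accessible beyond the owner, revocation certificates left in openpgp-revocs.d, and a trustdb.gpg with no ownertrust export. The function name, severity labels and the `ownertrust_backup` parameter are assumptions made for this example.

```python
import os
import stat

def _too_open(path):
    """True when group or others have any permission bit on path."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

def audit_gnupg_home(home, ownertrust_backup=None):
    """Return (severity, path, message) findings for a GnuPG home directory."""
    findings = []
    if _too_open(home):
        findings.append(("high", home, "homedir is accessible to group/others"))

    # Private keys: one file per keygrip, should be owner-only.
    keydir = os.path.join(home, "private-keys-v1.d")
    if os.path.isdir(keydir):
        for name in sorted(os.listdir(keydir)):
            path = os.path.join(keydir, name)
            if _too_open(path):
                findings.append(("high", path, "private key file accessible beyond owner"))

    # Revocation certificates carry no passphrase: whoever holds one can revoke.
    revdir = os.path.join(home, "openpgp-revocs.d")
    if os.path.isdir(revdir):
        for name in sorted(os.listdir(revdir)):
            findings.append(("medium", os.path.join(revdir, name),
                             "unprotected revocation certificate kept online"))

    # trustdb.gpg is backed up through an export, not a file copy.
    trustdb = os.path.join(home, "trustdb.gpg")
    if os.path.exists(trustdb):
        if not (ownertrust_backup and os.path.exists(ownertrust_backup)):
            findings.append(("info", trustdb,
                             "no ownertrust export found; run gpg --export-ownertrust"))
    return findings

if __name__ == "__main__":
    home = os.environ.get("GNUPGHOME", os.path.expanduser("~/.gnupg"))
    if os.path.isdir(home):
        for severity, path, message in audit_gnupg_home(home):
            print(f"[{severity}] {path}: {message}")
```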
Re: What are the file in ~/.gnupg ?
Damien Goutte-Gattat via Gnupg-users wrote:
> On Fri, Oct 29, 2021 at 04:04:11PM +0200, Romain LT via Gnupg-users
> wrote:
> [...]
>> private-keys-v1.d/
>> folder with private keys files, named after key or subkey keygrip
>> Is there only the private key part of my own keys in this ? or
>> is there a way to obtain public+private key from one of those
>> files ?
>
> Private key only. I believe the purely “mathematical” components of
> the public key can be derived from it (though I may be wrong here),
> but that does not include the User IDs and associated signatures, that
> are necessary to make a “full” public key – those components are in
> pubring.kbx.

You are correct: key generation for asymmetric systems involves randomly
choosing a private key and calculating the corresponding public key. The
mathematics are such that this is easy but the reverse is believed to be
computationally infeasible. There are a variety of "neat math tricks" to
make the system more efficient under various conditions, but ultimately
public keys are derived from private keys and this determines which key
is which.

For example, RSA relies on the ease of calculating a product versus the
presumed difficulty of factoring composites of two approximately
similar-magnitude primes. Either key can decrypt a message encrypted by
the other; smoothing over some mathematical and cryptographic details,
this is used for signatures by encrypting the signature with the private
key which allows the public key to decrypt (verify) it.

Again, the difference between the public and private keys is that, given
the private key the public key can be calculated, while the private key
cannot be (feasibly) calculated given the public key.

You may note that I have been very light on details; this is
intentional. If you are unclear about a basic detail like this, you will
almost certainly fall into one of numerous pitfalls that make asymmetric
systems easily breakable. Do not roll your own; use an existing
well-vetted Free program (like GPG!) instead. ***NEVER*** trust nonfree
cryptographic software: you have no way to even begin to effectively
audit such a "black box" for backdoors and the history of proprietary
encryption is exceptionally bad, ranging from simple incompetence
(proprietary algorithms tend to fall to cryptanalysis quite quickly once
they are examined) to deliberate backdoors.


-- Jacob

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What are the file in ~/.gnupg ?
* 2021-10-29 16:04:11+0200, Romain LT via Gnupg-users wrote:

> tofu.db
> is an sqlite database and means Trust On First Use. But what does
> it mean and what does it contain ?

tofu.db contains a log for every signature and encryption by/for every
key and email address. This means in human language:

"I have verified this signature made by this key and email address at
that time." (time of the signature and time of verification are
recorded)

"I have encrypted for this key and email at that time."

GnuPG can tell some of that information in technical form:

gpg --list-keys --with-colons --with-tofu-info

In SQL terms the tofu.db database has this schema:

$ sqlite3 ~/.gnupg/tofu.db .schema

CREATE TABLE version (version INTEGER);
CREATE TABLE bindings
(oid INTEGER PRIMARY KEY AUTOINCREMENT,
fingerprint TEXT, email TEXT, user_id TEXT, time INTEGER,
policy INTEGER CHECK (policy in (1, 2, 3, 4, 5)),
conflict STRING, effective_policy INTEGER DEFAULT 0
CHECK (effective_policy in (0, 1, 2, 3, 4, 5)),
unique (fingerprint, email));
CREATE TABLE sqlite_sequence(name,seq);
CREATE TABLE signatures (binding INTEGER NOT NULL, sig_digest TEXT,
origin TEXT, sig_time INTEGER, time INTEGER,
primary key (binding, sig_digest, origin));
CREATE TABLE encryptions (binding INTEGER NOT NULL, time INTEGER);
CREATE INDEX bindings_fingerprint_email
on bindings (fingerprint, email);
CREATE INDEX bindings_email on bindings (email);
CREATE INDEX encryptions_binding on encryptions (binding);
CREATE TABLE ultimately_trusted_keys (keyid);

--
/// Teemu Likonen - .-.. https://www.iki.fi/tlikonen/
// OpenPGP: 4E1055DC84E9DFF613D78557719D69D324539450
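
A query over the schema quoted above, as an added example that is not part of the original message: it lists every email address bound to more than one key fingerprint, with the time each binding was first recorded and how many verified signatures back it, which is the mismatch the TOFU model is meant to surface. The rows, fingerprints and function names are constructed for illustration; only the table definitions come from the message.

```python
import sqlite3

# The bindings and signatures tables, as in the schema quoted above.
SCHEMA = """
CREATE TABLE bindings
 (oid INTEGER PRIMARY KEY AUTOINCREMENT,
  fingerprint TEXT, email TEXT, user_id TEXT, time INTEGER,
  policy INTEGER CHECK (policy in (1, 2, 3, 4, 5)),
  conflict STRING, effective_policy INTEGER DEFAULT 0
  CHECK (effective_policy in (0, 1, 2, 3, 4, 5)),
  unique (fingerprint, email));
CREATE TABLE signatures (binding INTEGER NOT NULL, sig_digest TEXT,
  origin TEXT, sig_time INTEGER, time INTEGER,
  primary key (binding, sig_digest, origin));
"""

def emails_with_multiple_keys(db):
    """Map each email bound to more than one fingerprint to its bindings:
    [(fingerprint, first_seen, verified_signature_count), ...], oldest first."""
    rows = db.execute("""
        SELECT b.email, b.fingerprint, b.time, COUNT(s.sig_digest)
        FROM bindings b LEFT JOIN signatures s ON s.binding = b.oid
        WHERE b.email IN (SELECT email FROM bindings GROUP BY email
                          HAVING COUNT(DISTINCT fingerprint) > 1)
        GROUP BY b.oid ORDER BY b.email, b.time""").fetchall()
    report = {}
    for email, fpr, first_seen, nsigs in rows:
        report.setdefault(email, []).append((fpr, first_seen, nsigs))
    return report

def build_sample_db():
    """Constructed data: alice's address appears under two different keys."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany(
        "INSERT INTO bindings (fingerprint, email, user_id, time, policy) "
        "VALUES (?, ?, ?, ?, 1)",
        [("A" * 40, "alice@example.org", "Alice <alice@example.org>", 1600000000),
         ("B" * 40, "alice@example.org", "Alice <alice@example.org>", 1635000000),
         ("C" * 40, "bob@example.org", "Bob <bob@example.org>", 1610000000)])
    db.executemany("INSERT INTO signatures VALUES (?, ?, 'unknown', ?, ?)",
        [(1, "d1", 1600000000, 1600000100), (1, "d2", 1605000000, 1605000100),
         (1, "d3", 1610000000, 1610000100), (3, "d4", 1610000000, 1610000100)])
    return db

if __name__ == "__main__":
    for email, bindings in emails_with_multiple_keys(build_sample_db()).items():
        print(email, bindings)
```

To run the same function against a real database without risking a write, open it read-only with `sqlite3.connect("file:/path/to/tofu.db?mode=ro", uri=True)`.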
Re: What are the file in ~/.gnupg ?
On Sat, 30 Oct 2021 00:20, Damien Goutte-Gattat said:

> Private key only. I believe the purely “mathematical” components of
> the public key can be derived from it (though I may be wrong here),

That is right. Since some releases we also record the creation date of
the key so that we can easily derive the OpenPGP fingerprint. Without
that creation time we would need to loop over all seconds since about
1997 to figure out the fingerprint.


Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
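
Why the creation time matters, as an added example that is not part of the original message and not GnuPG code: an OpenPGP version 4 fingerprint (RFC 4880, section 12.2) is a SHA-1 hash over the public-key packet, and that packet includes the 4-byte creation timestamp, so the same key material with a different timestamp has a different fingerprint. The toy RSA numbers, the timestamp and the function names are constructed for illustration.

```python
import hashlib
import struct

RSA_ALGO = 1  # OpenPGP public-key algorithm ID for RSA

def mpi(n):
    """Encode an integer as an OpenPGP MPI: 2-byte bit count + big-endian bytes."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")

def v4_fingerprint(created, n, e):
    """SHA-1 over 0x99 || 2-byte length || v4 public-key packet body (RSA)."""
    body = (bytes([4]) + struct.pack(">I", created) + bytes([RSA_ALGO])
            + mpi(n) + mpi(e))
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()

def recover_creation_time(target_fpr, n, e, start, end):
    """Try every second in [start, end) until the fingerprint matches.

    This is the loop that a stored creation date makes unnecessary."""
    for t in range(start, end):
        if v4_fingerprint(t, n, e) == target_fpr:
            return t
    return None

# Constructed toy key material (far too small for real use).
TOY_N = (2**127 - 1) * (2**89 - 1)
TOY_E = 65537
TOY_CREATED = 1635516251

if __name__ == "__main__":
    fpr = v4_fingerprint(TOY_CREATED, TOY_N, TOY_E)
    print("fingerprint:          ", fpr)
    print("one second later:     ", v4_fingerprint(TOY_CREATED + 1, TOY_N, TOY_E))
    print("recovered by search:  ",
          recover_creation_time(fpr, TOY_N, TOY_E,
                                TOY_CREATED - 3600, TOY_CREATED + 3600))
```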