Referring to Keys

Outlines how to refer to GnuPG keys in code using Crypt_GPG.

Fingerprint

Crypt_GPG supports referring to a key in several ways. The most definitive way to refer to a specific key is to use the key's fingerprint. Key fingerprints are generated by performing a checksum on the actual content of a key. A fingerprint appears as a string of hexadecimal characters, sometimes separated by spaces or colons. For example: F94A F628 5725 7147 0569 F9FF E995 8292 DB15 A2C9. The fingerprint of a key can be retrieved using the Crypt_GPG::getKeys() and Crypt_GPG::getFingerprint() methods. Alternatively, the following command may be used to list keys on a console:

$ gpg --list-keys --with-fingerprint --with-fingerprint
    

--with-fingerprint is doubled intentionally.

Key ID

Keys may also be referenced by the key id. The key id is an eight-octal long hexadecimal number. The key id can be obtained using Crypt_GPG::getKeys(). Though rare, it is possible to have two keys with the same key id. The key id may also be obtained using the following command:

$ gpg --list-keys --with-colons
    

The key id is the fifth colon-separated field. A partial key id may also be used to reference a key. The partial key id is the lower four octals of a full key id and may be obtained using the following command:

$ gpg --list-keys
    

User ID

Lastly, keys may be referenced by all or part of the key's user id. For example, Test User (test key) <test@example.com>, Test User <test@example.com> and test@example.com may all be used to refer to the same key. When there is more than on key in the keyring with the same user id (or partial user id), the first key is used. In these cases, it is important to use a more specific identifier to ensure the correct key is used. In general, unless the keyring contains many keys, the less specific but more convenient form of test@example.com is fine to use.

    Поддержать сайт на родительском проекте КГБ