I'm writing SW that uses opessl library for verifying DSA signatures. I have public keys from senders in gpg format. How can I convert those into .pem so that openssl can read them?
I found this from another thread:
gpgsm -o secret-key.p12 --export-secret-key-p12 0xXXXXXXXX
To do the export I need to have the keys in gpgsm keyring don't I? I just can't figure out how to import my keys into the keyring gpgsm is using. I end up with errors:
gpgsm --import public.asc
gpgsm: total number processed: 0
gpgsm: error importing certificate: End of file
Can gpgsm
somehow use gpg:s keyring and do the export from there?
Best Answer
Your export command is correct but as you suppose, the
gpgsm
's keyring is empty. You can check that with:The output will be nothing.
For your last question: Nope.
gpg
andgpgsm
use different databases. More info is here. You have to create or obtain an OpenSSL key/cert pair and import it (in PKCS#12 format) into gpgsm keyring (usually~/.gnupg/pubring.kbx
) so the import command must be:You can export the keys from one system, convert them and import to another one, but the so-called conversion just supplies the metainfo (in most cases) and a brand new cert/key is being created with that metainfo. You can look here for conversion examples.