Extracting the PGP keyid from the public key file
You can use gpg --dry-run
to prevent changes.
Following line will print the key id in its output (can be modified using the usual modifiers like --with-colons
for further processing). A4FF2279
is the key ID in here.
$ gpg --dry-run --import pubkey.asc
gpg: key A4FF2279: public key "[User ID not found]" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: no ultimately trusted keys found
Just tried it, the key did not get stored to my keychain, but the key ID was printed. But watch out with --dry-run
, the man page has a warning:
--dry-run Don't make any changes (this is not completely implemented).
A more in-depth discussion of multiple variants for human-readable, machine-readable and very technical output for different versions of GnuPG is found in the Stack Overflow question How to display gpg key details without importing it?. All of them will also present the key ID.
RFC 4880 on OpenPGP message format talks about how to calculate key ID from public key.
Excerpts from section 12.2:
For a V3 key, the eight-octet Key ID consists of the low 64 bits of the public modulus of the RSA key.
And for V4 keys:
A V4 fingerprint is the 160-bit SHA-1 hash of the octet 0x99, followed by the two-octet packet length, followed by the entire Public-Key packet starting with the version field. The Key ID is the low-order 64 bits of the fingerprint.
You can easily parse the last 64 bits from the base64 encoded public keys, which is the key ID for the corresponding public key.
From the gpg manual (gpg (GnuPG) 2.2.11):
--show-keys
This commands takes OpenPGP keys as input and prints information about them in the same way the command --list-keys does for locally stored key. In addition the list options show-unusable-uids, show-unusable-subkeys, show-notations and show-policy-urls are also enabled. As usual for automated processing, this command should be combined with the option --with-colons.
For instance:
$ gpg --show-keys docker-ce.gpg
pub rsa4096 2017-02-22 [SCEA]
9DC858229FC7DD38854AE2D88D81803C0EBFCD88
uid Docker Release (CE deb) <[email protected]>
sub rsa4096 2017-02-22 [S]
where 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 is the key id.