stefan2904/gpgRevocationDemo

## gpgRevocationDemo
% gpg --gen-revoke 29743D54EDCBB855 > revocation.asc

sec  1024R/29743D54EDCBB855 2014-11-10 JavaPrivacyGuard <crypto+jpg12@2904.cc>

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
(Probably you want to select 1 here)
Your decision? 2
Enter an optional description; end it with an empty line:
> experimental key
>
Reason for revocation: Key is superseded
experimental key
Is this okay? (y/N) y
NOTE: This key is not protected!
ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable.  But have some caution:  The print system of
your machine might store the data and make it available to others!


% cat revocation.asc
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: A revocation certificate should follow

iK8EIAEKABkFAlTqoxcSHQFleHBlcmltZW50YWwga2V5AAoJECl0PVTty7hV55YE
AKkk0gWOX48KmIWJySLHcxhyYdMuHSA+E718ObdjPIkvRmFE+QtU09VvO2orYqya
SOF1utTm1xUPEuFMmlePZmjFoSmF8TrdPnys+wypvKqpYYzBNK8yxOYp7lggAQZE
2Bnl1hOCbNQRMgYA3PZbr/IGmU0bSp03WrJyg5G9TayC
=9UbU
-----END PGP PUBLIC KEY BLOCK-----


% gpg --list-packets revocation.asc
:signature packet: algo 1, keyid 29743D54EDCBB855
	version 4, created 1424663319, md5len 0, sigclass 0x20
	digest algo 10, begin of digest e7 96
	hashed subpkt 2 len 4 (sig created 2015-02-23)
	hashed subpkt 29 len 17 (revocation reason 0x01 (experimental key))
	subpkt 16 len 8 (issuer key ID 29743D54EDCBB855)
	data: [1024 bits]


% pgpdump -ilmp revocation.asc
Old: Signature Packet(tag 2)(175 bytes)
	Ver 4 - new
	Sig type - Key revocation signature(0x20).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA512(hash 10)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Mon Feb 23 04:48:39 CET 2015
	Hashed Sub: reason for revocation(sub 29)(17 bytes)
		Reason - Key is superceded
		Comment - experimental key
	Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x29743D54EDCBB855
	Hash left 2 bytes - e7 96
	RSA m^d mod n(1024 bits) - a9 24 d2 05 8e 5f 8f 0a 98 85 89 c9 22 c7 73 18 72 61 d3 2e 1d 20 3e 13 bd 7c 39 b7 63 3c 89 2f 46 61 44 f9 0b 54 d3 d5 6f 3b 6a 2b 62 ac 9a 48 e1 75 ba d4 e6 d7 15 0f 12 e1 4c 9a 57 8f 66 68 c5 a1 29 85 f1 3a dd 3e 7c ac fb 0c a9 bc aa a9 61 8c c1 34 af 32 c4 e6 29 ee 58 20 01 06 44 d8 19 e5 d6 13 82 6c d4 11 32 06 00 dc f6 5b af f2 06 99 4d 1b 4a 9d 37 5a b2 72 83 91 bd 4d ac 82
		-> PKCS-1
	% gpg --gen-revoke 29743D54EDCBB855 > revocation.asc

	sec 1024R/29743D54EDCBB855 2014-11-10 JavaPrivacyGuard <crypto+jpg12@2904.cc>

	Create a revocation certificate for this key? (y/N) y
	Please select the reason for the revocation:
	0 = No reason specified
	1 = Key has been compromised
	2 = Key is superseded
	3 = Key is no longer used
	Q = Cancel
	(Probably you want to select 1 here)
	Your decision? 2
	Enter an optional description; end it with an empty line:
	> experimental key
	>
	Reason for revocation: Key is superseded
	experimental key
	Is this okay? (y/N) y
	NOTE: This key is not protected!
	ASCII armored output forced.
	Revocation certificate created.

	Please move it to a medium which you can hide away; if Mallory gets
	access to this certificate he can use it to make your key unusable.
	It is smart to print this certificate and store it away, just in case
	your media become unreadable. But have some caution: The print system of
	your machine might store the data and make it available to others!



	% cat revocation.asc
	-----BEGIN PGP PUBLIC KEY BLOCK-----
	Comment: A revocation certificate should follow

	iK8EIAEKABkFAlTqoxcSHQFleHBlcmltZW50YWwga2V5AAoJECl0PVTty7hV55YE
	AKkk0gWOX48KmIWJySLHcxhyYdMuHSA+E718ObdjPIkvRmFE+QtU09VvO2orYqya
	SOF1utTm1xUPEuFMmlePZmjFoSmF8TrdPnys+wypvKqpYYzBNK8yxOYp7lggAQZE
	2Bnl1hOCbNQRMgYA3PZbr/IGmU0bSp03WrJyg5G9TayC
	=9UbU
	-----END PGP PUBLIC KEY BLOCK-----



	% gpg --list-packets revocation.asc
	:signature packet: algo 1, keyid 29743D54EDCBB855
	version 4, created 1424663319, md5len 0, sigclass 0x20
	digest algo 10, begin of digest e7 96
	hashed subpkt 2 len 4 (sig created 2015-02-23)
	hashed subpkt 29 len 17 (revocation reason 0x01 (experimental key))
	subpkt 16 len 8 (issuer key ID 29743D54EDCBB855)
	data: [1024 bits]



	% pgpdump -ilmp revocation.asc
	Old: Signature Packet(tag 2)(175 bytes)
	Ver 4 - new
	Sig type - Key revocation signature(0x20).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA512(hash 10)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
	Time - Mon Feb 23 04:48:39 CET 2015
	Hashed Sub: reason for revocation(sub 29)(17 bytes)
	Reason - Key is superceded
	Comment - experimental key
	Sub: issuer key ID(sub 16)(8 bytes)
	Key ID - 0x29743D54EDCBB855
	Hash left 2 bytes - e7 96
	RSA m^d mod n(1024 bits) - a9 24 d2 05 8e 5f 8f 0a 98 85 89 c9 22 c7 73 18 72 61 d3 2e 1d 20 3e 13 bd 7c 39 b7 63 3c 89 2f 46 61 44 f9 0b 54 d3 d5 6f 3b 6a 2b 62 ac 9a 48 e1 75 ba d4 e6 d7 15 0f 12 e1 4c 9a 57 8f 66 68 c5 a1 29 85 f1 3a dd 3e 7c ac fb 0c a9 bc aa a9 61 8c c1 34 af 32 c4 e6 29 ee 58 20 01 06 44 d8 19 e5 d6 13 82 6c d4 11 32 06 00 dc f6 5b af f2 06 99 4d 1b 4a 9d 37 5a b2 72 83 91 bd 4d ac 82
	-> PKCS-1