Unrevoking a PGP Key
Wednesday, May 23rd, 2007My old PGP key, 0×8D1F7423, expired last April. Once again I generated a key that expires in 365 days, exported my public key to key servers, and generated a revocation certificate for it. Saving one revocation certificate to a file and printing the other in the event that my hardware becomes misplaced, destroyed, or otherwise ’superseded’.
I navigated to the directory and double clicked the revocation certificate expecting gedit to appear, but nothing happened. After launching GnuPG I was able to confirm what had just occurred.
Seahorse (a GnuPG front end for Gnome) imported the signature into my keyring. Ah Shit.
Normally I’d restore the backup, but the key was so new I didn’t have time to make one. Luckily I had yet to publish the newly revoked key to any key servers, so I figured there had to be a way to strip out the revocation signature as it only existed on my PC. After a little research I stumbled upon a message board giving me the solution I needed.
Computer forensics and cryptography have always been a hobby of mine.