Up: Debugging Tools [Contents][Index]
A keybox is a file format used to store public keys along with meta information and indices. The commonly used one is the file pubring.kbx in the .gnupg directory. It contains all X.509 certificates as well as OpenPGP keys3 .
When called the standard way, e.g.:
‘kbxutil ~/.gnupg/pubring.kbx’
it lists all records (called blobs) with there meta-information in a human readable format.
To see statistics on the keybox in question, run it using
‘kbxutil --stats ~/.gnupg/pubring.kbx’
and you get an output like:
Total number of blobs: 99 header: 1 empty: 0 openpgp: 0 x509: 98 non flagged: 81 secret flagged: 0 ephemeral flagged: 17
In this example you see that the keybox does not have any OpenPGP keys
but contains 98 X.509 certificates and a total of 17 keys or certificates
are flagged as ephemeral, meaning that they are only temporary stored
(cached) in the keybox and won’t get listed using the usual commands
provided by gpgsm
or gpg
. 81 certificates are stored
in a standard way and directly available from gpgsm
.
To find duplicated certificates and keyblocks in a keybox file (this should not occur but sometimes things go wrong), run it using
‘kbxutil --find-dups ~/.gnupg/pubring.kbx’