How do I create a revocation certificate for a keypair generated with OpenPGP-PHP?

[fabacab]

I am trying to figure out how to create a revocation certificate for a keypair generated with this library but did not find any information about doing this in the examples. I notice that the API docs do contain classes such as OpenPGP_SignaturePacket_ReasonforRevocationPacket but I'm unclear on whether these classes simply parse OpenPGP packets or actually create revocation certificates themselves.

In lieu of code, I tried importing a file containing both the private and public key parts into my GnuPG keyring and then running gpg2 --output ~/tmp/testrevoke.asc --gen-revoke MY_KEY_ID, but I received the following error output:

NOTE: This key is not protected!
ASCII armored output forced.
gpg: checking created signature failed: Bad signature
gpg: signing failed: Bad signature
gpg: make_keysig_packet failed: Bad signature

Am I doing something wrong? Is it possible to generate revocation certificates for keys that OpenPGP-PHP generates?

[DanielRuf]

Could this also be related to #27?

Not sure, did not yet test the creation of revocation certificates using openpgp-php.

@singpolyma

[singpolyma]

I have never written code for generating or handling revocation certificates. The library certainly provides the tools needed to build such a thing, and it could be added to the library, but there would be some extra cod needed.

[fabacab]

I have never written code for generating or handling revocation certificates.

What about creating a revocation certificate using a different tool (like GnuPG) for a keypair created with OpenPGP-PHP? That's what I was trying to do originally, but that failed as described above, too.

[fabacab]

Just a note to say that @singpolyma updated the genkey example and 741fec2 shows the fix needed to have the ability to create a revocation certificate manually. :)

[DanielRuf]

Yes, thanks for the heads up. Saw the changes and read the notifications =)