From 89c692f60ef7c03211ccdd938da6556a02048c26 Mon Sep 17 00:00:00 2001
From: Pablo Ovelleiro Corral <mail@pablo.tools>
Date: Tue, 26 Mar 2024 14:48:45 +0100
Subject: [PATCH] update readme

---
 README.md | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a56dd9d..08f583b 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,19 @@
+1. I have a GPG keypair in the same format as the one provided in `test-key.asc`. It is `ed25519`.
+2. That key was used to encrypt a file with [age encryption](https://github.com/FiloSottile/age) as shown below
+3. I want to decrypt that file, but only have a GPG secret key, as I couldn't
+   find out how to derive a SSH or age key from it.
+
+**GOAL**: Derive an age key from the provided GPG key that decrypt the file as
+shown below. A SSH key is also enough, since it can be used with `ssh-to-age` to
+derive the age key.
+
+##### Notes:
+
+- A tool exists to do this for RSA keys: [openpgp2ssh](https://manpages.ubuntu.com/manpages/xenial/man1/openpgp2ssh.1.html) but it does not seem to support `ed25519` keys
+- Work on `gnupg` was started for this feature, but never finished see this
+  issue and commit: https://dev.gnupg.org/T6647
+
+## Example
 
 Example key provided in `test-key.asc` to be imported. Use `--homedir` with
 `gpg` to set a temporary `.gnupg` directory
@@ -39,8 +55,14 @@ age18s8m9hvlrwvltgys4lafyyqe356ntc7e06t4kd2nccqm5amsaa2s878mju # saved as age-pu
 ❯ age --encrypt -R age-public-key testfile.txt > testfile.txt.age
 ```
 
-### Try to decrypt
+### Get secret age key
 
+```sh
+❯ go run main.go                                                                                                                                                                                                       impure ❄ ssh-to-age age
+AGE-SECRET-KEY-165W948VSG5QEM0RPEUX8T3K4YXJT2WF83C2GXQH8Q3Q0ZHCTH44SSV0H34 # saved as age-secret-key
+```
+
+### Try to decrypt
 ```sh
 ❯ age --decrypt --identity age-secret-key --output decrypted testfile.txt.age                                                                                                                                          impure ❄ ssh-to-age age
 age: error: no identity matched any of the recipients