What is a PGP fingerprint?

The fingerprint is a hash over the public key packet that uniquely identifies it. For version-4 keys it is the SHA-1 of the key material with a fixed prefix; the last 8 bytes form the short key ID you usually see.

Is my key uploaded anywhere?

No. The armor is decoded and the packets are parsed entirely in your browser. Public keys are meant to be shared, but even a private key block is processed locally and never transmitted.

Which algorithms are recognised?

It maps the public-key algorithm byte to RSA, DSA, ElGamal, ECDH, ECDSA and EdDSA (Ed25519). Unknown algorithm IDs are shown as a numeric code so you can look them up against RFC 4880 / RFC 6637.

An OpenPGP key is usually a primary key (used for certification and signing) plus one or more subkeys (often a dedicated encryption subkey). The inspector lists each subkey with its own fingerprint and algorithm.

Why is the fingerprint shown for v4 keys only?

This tool computes fingerprints for version-4 keys, which use a SHA-1 construction this browser can hash with Web Crypto. Legacy v3 keys (rare today) used an MD5 scheme that is not implemented here, so only their basic fields are shown.

PGP / OpenPGP Key Inspector

An OpenPGP key distributed as ASCII armor is a Base64 wrapper (with a CRC-24 checksum) around a sequence of binary packets defined by RFC 4880. The first packet is the primary public key; it is followed by User ID packets, signatures, and one or more subkeys. This inspector de-armors the block, walks the packets, and computes the version-4 fingerprint so you can confirm a key’s identity before trusting it.

How it works

De-armor: strip the -----BEGIN ...----- lines and the CRC line, then Base64-decode the body to raw bytes.
Parse packets: each packet has a tag and a length; the tool reads the tag (public key = 6, public subkey = 14, User ID = 13) and slices out its body.
Read the primary key: version, creation timestamp, and the public-key algorithm byte.
Compute the fingerprint for v4 keys: hash 0x99 ‖ two-byte-length ‖ key-packet-body with SHA-1; the result is the fingerprint, and its low 8 bytes are the key ID.

User IDs are decoded as UTF-8 text (typically Name <email>), and each subkey is parsed the same way as the primary.

Example

A decoded key looks like:

Algorithm:    EdDSA (Ed25519)
Created:      2024-09-12T10:00:00Z
Key ID:       A1B2C3D4E5F60718
Fingerprint:  1111 2222 3333 4444 5555  6666 7777 8888 A1B2 C3D4
User IDs:     Ada Lovelace <[email protected]>
Subkeys:      1 (ECDH encryption subkey)

Notes

Fingerprints are computed with the browser’s Web Crypto SHA-1, the standard hash for v4 OpenPGP fingerprints. Everything runs locally, so even a private-key block stays on your device. Packet parsing supports both the old and new length formats; truncated or corrupt armor is reported rather than guessed.