redbird at rbisland.cx
Sun Jul 28 19:01:02 CEST 2002
On Sunday, July 28, 2002, at 11:16 AM, David Shaw wrote:
> On Sun, Jul 28, 2002 at 11:02:56AM -0400, Gordon Worley wrote:
>> When I symmetrically encrypt a file, I have a few questions about what
>> is generated:
>> - Where is the key stored?
>> - Is the passphrase used to protect a key? Is the passphrase the key?
> It depends on what sort of symmetric encryption settings you use. By
> default, GnuPG does the same sort of thing it does with public key
> encryption - random session key, encrypt the data with the session
> key, then encrypt the session key. The difference with --symmetric is
> that it then encrypts the session key with your passphrase, rather
> than with a public key. When --rfc1991 is specified, GnuPG just
> encrypts the data itself with your passphrase. There are a few
> possible ways to turn a passphrase into a key - see the "String-to-key
> (S2K) specifiers" section in RFC 2440.
>> - How is the output formatted? Can a program other than GnuPG decrypt
> The format is fairly simple, and a program other then GnuPG or PGP can
> certainly decrypt it. The exact details are in RFC 2440.
Thanks. One more question: how do I know what cipher was used? I see
that I can set this using --cipher-algo and --s2k-cipher-algo (the
former of course being the better way to do this), but when I
symmetrically encrypt a file I'm not told anything until decryption,
when it does show the algorithm that was used. Is there anyway to find
this out before or during encryption?
Also, Marcus, if it isn't already in CVS, could you add the ability to
set the cipher algorithm from GPGME?
Gordon Worley - Mac GPG Project
http://macgpg.sourceforge.net/ ``Doveriai no proveriai.''
redbird at rbisland.cx --Russian proverb
More information about the Gnupg-devel