Encrypted session key support
twoaday at freakmail.de
Thu Jun 6 20:53:01 CEST 2002
recently I added encrypted session key support for the
"Symmetric-Key Encrypted Session-Key Packets (Tag 3)" in GPG (CVS).
[from RFC2440 5.3.]
- Optionally, the encrypted session key itself, which is decrypted
with the string-to-key object.
We need this step to support the combination of --symmetric and
--encryption. In other words that ciphertext can be deciphered either
by a passphrase or a session key. It'll take a while until this feature
is fully available.
Now my question is how to activate this option. By default we only
use the S2K output as a session key for --symmetric. My first idea
was to use an option like "--advanced". But I'm even not sure if PGP
supports this mode for symmetric encryption. Maybe we should activate
it by default when --expert is used but this would be only useful when
PGP also supports it.
Any hints are welcome,
More information about the Gnupg-devel