Secret key storage question
David Shaw
dshaw at jabberwocky.com
Tue Jun 18 22:58:01 CEST 2002
On Tue, Jun 18, 2002 at 12:40:47PM -0500, Robert J. Hansen wrote:
> > Also, can the passphrase be any string of bits (lumped into bytes before
> > giving it to GnuPG), or are there some limitations?
>
> GnuPG is written in C, and C's string-handling routines are quite
> fragile. Even if GnuPG handles arbitrary binary input, there's no
> guarantee that the standard C library on whatever system it's running on
> will be as well-behaved.
>
> As an obvious example, consider throwing in a zero-byte. Zero-byte has
> two meanings: one is ASCII 0 (NULL), and the other is C "end of
> string". So if your passphrase were to be 128 bits, but in bits 8-15
> you had eight binary 0s, GnuPG would stop reading the input and truncate
> your passphrase at bit 8--leaving you with only eight bits of entropy in
> your passphrase.
This is one of the things that --passphrase-fd handles. Using
--passphrase-fd bypasses all string handling and reads the raw
passphrase directly from a file descriptor. All characters except for
\n (newline) are permitted, which includes control characters, NULLs,
etc. Putting that numerically, you can use characters 0-9 and 11-255.
Note that if you depart too far from regular alphanumeric characters
then you can make a passphrase that isn't typable via a keyboard
(which may be a good thing, if that's what you want).
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
More information about the Gnupg-devel
mailing list