Checksum in Secret Key Packet

Hasnain Mujtaba hmujtaba at forumsys.com
Wed Jun 16 00:50:44 CEST 2004 

I was refering to the cleartext checksum. Please see below (key was
generated with GPG107). If I understand the RFC bis10 correctly, the
clear text checksum is deprecated. Is that correct?

:secret key packet:
	version 4, algo 1, created 1087325558, expires 0
	skey[0]: [1024 bits]
	skey[1]: [6 bits]
	skey[2]: [1022 bits]
	skey[3]: [512 bits]
	skey[4]: [512 bits]
	skey[5]: [508 bits]
	checksum: a41d
:user ID packet: "rsa_1k <rsa_1k at f.com>"
:signature packet: algo 1, keyid CFD0C948624124B4
	version 4, created 1087325558, md5len 0, sigclass 13
	digest algo 2, begin of digest 4b 65
	hashed subpkt 2 len 5 (sig created 2004-06-15)
	hashed subpkt 27 len 2 (key flags: 0F)
	hashed subpkt 9 len 5 (key expires after 1y1d0h0m)
	hashed subpkt 30 len 2 (features: 01)
	hashed subpkt 23 len 2 (key server preferences: 80)
	subpkt 16 len 9 (issuer key ID CFD0C948624124B4)
	data: [1024 bits]
:public key packet:
	version 4, algo 1, created 1087325558, expires 0
	pkey[0]: [1024 bits]
	pkey[1]: [6 bits]
:user ID packet: "rsa_1k <rsa_1k at f.com>"
:signature packet: algo 1, keyid CFD0C948624124B4
	version 4, created 1087325558, md5len 0, sigclass 13
	digest algo 2, begin of digest 4b 65
	hashed subpkt 2 len 5 (sig created 2004-06-15)
	hashed subpkt 27 len 2 (key flags: 0F)
	hashed subpkt 9 len 5 (key expires after 1y1d0h0m)
	hashed subpkt 30 len 2 (features: 01)
	hashed subpkt 23 len 2 (key server preferences: 80)
	subpkt 16 len 9 (issuer key ID CFD0C948624124B4)
	data: [1024 bits]

-----Original Message-----
From: gnupg-users-bounces at gnupg.org
[mailto:gnupg-users-bounces at gnupg.org] On Behalf Of David Shaw
Sent: Tuesday, June 15, 2004 5:57 PM
To: gnupg-users at gnupg.org
Subject: Re: Checksum in Secret Key Packet

On Tue, Jun 15, 2004 at 05:35:39PM -0400, Hasnain Mujtaba wrote:
> Hi All,
> 
> A question about the checksum field in RSA Secret Key Packets. GPG107
> RSA secret key packets contain a checksum field. Whereas GPG124 RSA
> secret key packets do not have the checksum field.  Why this omission?

> 
> I am trying to load some old GPG107 RSA 2048 keypairs into my Cryptix
> keyrings and the checksum validation is failing.  But GPG124 RSA
> keypairs, because they don't have the checksum, are loading fine. 
> 
> Seems like the RSA secret key packet structure has changed
considerably
> between GPG107 and GPG124. 

No, they're the same.  You might have turned the checksum off when you
generated the 1.2.4 key, but that's something you did, not a change in
GnuPG.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list