Question abut use of --cipher-algo AES & --openpgp

Henry Hertz Hobbit hhhobbit at securemecca.net
Fri Nov 3 04:15:44 CET 2006 

On Thu, 2006-11-02 at 17:10 -0700, Henry Hertz Hobbit wrote:
> On Thu, 2006-11-02 at 16:26 -0500,  Patrick R. Dunbar
> <pdunbar at boothnewspapers.com> wrote:
> 
> 
> > I am required to encrypt a document using the --cipher-algo AES switch
> > using gpg on a Solaris 10 system using gpg (GnuPG) 1.2.6.
> > The company that is receiving this file requires that the file be
> > encrypted with the --openpgp switch.
> > I have run --edit-key showpref on the receiving key and it shows that
> > AES is a usable cipher.
> > 
> > My question: does the --openpgp switch interfere with the --cipher-algo
> > AES switch?
> > Also is there any way to check if a gpg encrypted file is encrypted
> > using AES?
> > 
> > Thanks in advance for any replies.
> 
> The --openpgp should not cause any problems for you.

<SNIP>

And here is the program to check for the file type.  It is
ARDENTLY hoped that the "file" programmers get all of it squared
away (I may have something wrong)  so this program can disappear.

<C-Code>
/***********************************************************************
\
*
*	File:		cfile.c
*	Date:		Thu Nov  2 18:50:53 MST 2006
*	Author:		Henry Hertz Hobbit
*	Contact:	hhhobbit at securemecca.com
*
*	This program checks whether a file is an OpenPGP (GnuPG only?)
*	file that was encrypted with a symmetric cipher, and  shows
*	what cipher was used to encrypt it.
*
*	If somebody can show me how I am wrong in the header or in any
*	of the byte values for the encryption, please steer me in the
*	appropriate way.  Here was what I found:
*	
*	3DES:           8C 0D 04  02 03 02
*	CAST5:          8C 0D 04  03 03 02
*	BLOWFISH:       8C 0D 04  04 03 02
*	AES:            8C 0D 04  07 03 02
*	AES192:         8C 0D 04  08 03 02
*	AES256:         8C 0D 04  09 03 02
*	TWOFISH:        8C 0D 04  0A 03 02
*
*
*	It is Gnu licensed and it is HOPED that the various versions
*	of the file program will incorporate this information into
*	them so that this program will no longer exist.
*
\***********************************************************************/

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MESSAGE_STRING	256
#define INBLOCK_SIZE	16
#define KNOWN_CIPHERS	12
#define FILENAME	argv

char		message[MESSAGE_STRING];
unsigned char	inBlock[INBLOCK_SIZE];
char		cipherName[KNOWN_CIPHERS][12] =
{
	" unknown\n",		" unknown\n",
	" 3DES\n",		" CAST5\n",
	" BLOWFISH\n",		" unknown\n",
	" unknown\n",		" AES\n",
	" AES192\n",		" AES256\n",
	" TWOFISH\n",		" unknown\n"
};
unsigned char	preamble[4] = { 0x8c, 0x0d, 0x04, 0x00 };
unsigned char	lastTwo[4] = { 0x03, 0x02, 0x00, 0x00 };

int main(int argc, char *argv[])
{
	int		flp;
	int		inFd;
	int		bytesRead;
	unsigned char	*lastTwoPtr;
	unsigned char	*cipherTypePtr;
	unsigned char	tmp;
	int		cipherType;

	if (argc < 2)
	{
		puts("usage: cfile <file_spec> [file_spec ..]");
		exit(0);
	}

	lastTwoPtr = (inBlock + 4);
	cipherTypePtr = (inBlock + 3);
	for (flp = 1; flp < argc; flp++)
	{
		if ((inFd = open(FILENAME[flp], O_RDONLY)) == -1)
		{
			fprintf(stderr,
				"could not open file %s...skipping\n",
				FILENAME[flp]);
			continue;
		}
		bytesRead = read(inFd, inBlock, (size_t)INBLOCK_SIZE);
		close(inFd);
		strncpy(message, FILENAME[flp], MESSAGE_STRING);
		if (bytesRead < 6)
		{
			if (bytesRead > 0)
			{
				strncat(message,": data\n",
					MESSAGE_STRING);
			}
			else
			{
				strncat(message, ": empty file\n",
					MESSAGE_STRING);
			}
		}
		else
		{
			if ((memcmp(inBlock, preamble, (size_t)3) == 0)
			 &&
			(memcmp(lastTwoPtr, lastTwo, (size_t)2) == 0))
			{
				strncat(message,
		": OpenPGP symmetric cipher = ",MESSAGE_STRING); 
				tmp = *cipherTypePtr;
				cipherType = (int)tmp;
				if (cipherType < KNOWN_CIPHERS)
				{
					strncat(message,
						cipherName[cipherType],
						MESSAGE_STRING);
				}
				else
				{
					strncat(message, cipherName[0],
						MESSAGE_STRING);
				}
			}
			else /* not an OpenPGP symmetric cipher file */
			{
				strncat(message,
				": (unknown - use file command)\n",
				MESSAGE_STRING);
			}
		}
		fputs(message, stdout);

	} /* end of file loop */

	exit(0);
}
</C-Code>

If anybody that has PGP or any other symmetric cipher program
could do the following, I would appreciate it.

1. Create a folder named PGP_SymCiphers
2. Create a file named test.txt with the following line in it:

	password = simple (or pick your own)
        Encrypted with = { YOUR Encryption Program Name }

3. backup the file if necessary to baktest.txt

4. Repeatedly encrypt test.txt with every cipher, but change
   the extension to the cipher name, e.g. test.3des for the
   3DES encrypted file.

5. zip the folder and send it to me.

I could care less what a RFC page says - THEY FREQUENTLY LIE!
The acid test is what is actually in the file.

HHH

More information about the Gnupg-users mailing list