Question about use of --cipher-algo AES & --openpgp when encrypting a document

Peter S. May me at psmay.com
Fri Nov 3 04:56:53 CET 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Patrick R. Dunbar wrote:
> Also is there any way to check if a gpg encrypted file is encrypted
> using AES?

Henry had some interesting answers, and his program does work for many
cases, but it's slightly ad-hoc and there are many valid possibilities
it might not work for.  You really need a program that knows how to read
the whole format.  Last I checked, gpg does this nicely. ;-)

Try:

gpg --list-packets --list-only enc.gpg

- --list-packets describes what's in the file.  --list-only prevents it
trying to decrypt just to look at what's inside; you don't need to
decrypt to find out the cipher algo.

Here's what the output looked like for something encrypted with CAST5:

:symkey enc packet: version 4, cipher 3, s2k 3, hash 2
        salt aa0896216033e71c, count 96
gpg: CAST5 encrypted data
:encrypted data packet:
        length: unknown
gpg: encrypted with 1 passphrase


And with TWOFISH:

:symkey enc packet: version 4, cipher 10, s2k 3, hash 2
        salt 24fa7e952bcca00e, count 96
gpg: TWOFISH encrypted data
:encrypted data packet:
        length: unknown
        mdc_method: 2
gpg: encrypted with 1 passphrase


And with AES:

:symkey enc packet: version 4, cipher 7, s2k 3, hash 2
        salt 9182cb227dcb6d3b, count 96
gpg: AES encrypted data
:encrypted data packet:
        length: unknown
        mdc_method: 2
gpg: encrypted with 1 passphrase


The numbers after "cipher" (3 for CAST5, 10 for TWOFISH, 7 for AES-128)
correspond to whatever the most current variant of RFC 2440 is (bis 18,
http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-18.txt
, is set to expire on the 11th of this month), or, more specifically,
GPG's interpretation thereof.

Hope that helps
PSM
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFSr4Dei6R+3iF2vwRAsF9AKCTyz6rD1cjVTIr3XtWq8Q2xxOMzACgmQ9S
KlcsACLpBh6HdfcNPYlhelY=
=EB4R
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list