Question abut use of --cipher-algo AES & --openpgp

Mon Nov 6 20:21:49 CET 2006

For various reasons (in particular, the flexibility of packet formats in
OpenPGP), you _must not_ expect the fourth byte of a message to always
represent the cipher algorithm; it can appear elsewhere.  If you need to
know what cipher algorithm the message you have is in, pipe it to

gpg --list-packets --list-only

If you just want the number, try this:

gpg --list-packets --list-only 2>&1 | \
 perl -n -e '/^:symkey enc packet:.*?cipher (\d+)/ and print "$1\n"'

The number that results, if any, maps according to RFC 2440 or its most
current de facto variant.  bis-18
(<http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-18.txt>)
lists these ciphers:

        ID           Algorithm
        --           ---------
        0          - Plaintext or unencrypted data
        1          - IDEA [IDEA]
        2          - TripleDES (DES-EDE, [SCHNEIER] [HAC] -
                     168 bit key derived from 192)
        3          - CAST5 (128 bit key, as per RFC 2144)
        4          - Blowfish (128 bit key, 16 rounds) [BLOWFISH]
        5          - Reserved
        6          - Reserved
        7          - AES with 128-bit key [AES]
        8          - AES with 192-bit key
        9          - AES with 256-bit key
        10         - Twofish with 256-bit key [TWOFISH]
        100 to 110 - Private/Experimental algorithm.

If you'd rather have the name, try

gpg --list-packets --list-only 2>&1 | \
 perl -n -e '/^gpg: (.*?) encrypted data$/ and print "$1\n"'

And note that this is not likely to work as expected on anything that
isn't symmetric-encrypted input.

Have fun
PSM
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFT4tEei6R+3iF2vwRAuP6AJ4kvPtpt/3Ponzqr4JUdrNS6H5EpgCcCMS5
GC8pte0laTZU/EBDdO8t488=
=vug9
-----END PGP SIGNATURE-----