Question abut use of --cipher-algo AES & --openpgp

Peter S. May me at
Tue Nov 7 18:26:14 CET 2006

Hash: SHA1

Henry Hertz Hobbit wrote:
> Even if you do have an encrypted file that doesn't use these,
> is there anything wrong with the file command returning the
> answers given for the first six bytes of the file?  I can't
> find any information that they are used for any other kind
> of file.

A trivial example:  Your specified headers all take the form

8c 0d 04 XX ...

The first byte, 8c, or bin 10001100, represents an old-format packet,
tag 3, length type 0 (one octet length).  0d is the length (13), 04 is
the packet version (4), XX is the cipher algorithm, and the rest may vary.

A 100% semantically identical packet could be formatted starting like this:

c3 ff 00 00 00 0d 04 XX ...

The point isn't that this is normal, but that it is _allowed_ and
_could_ be normal in another implementation.  A related (and more real)
problem with this heuristic check is that no part of the standard
requires the tag-3 packet to be the first packet in the file.  Because
of this, you really need to use a program that knows how to grok all of
OpenPGP to do this sort of checking.  It's really not that hard to
design one after having read RFC 2440--I can think of a few ways I'd do
it in Perl--but there's no point in writing a new program for checking
the packets in a GnuPG-produced file when GnuPG already does the same thing.

My two more cents -- PSM
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the Gnupg-users mailing list