Question abut use of --cipher-algo AES & --openpgp
Peter S. May
me at psmay.com
Tue Nov 7 18:26:14 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Henry Hertz Hobbit wrote:
> Even if you do have an encrypted file that doesn't use these,
> is there anything wrong with the file command returning the
> answers given for the first six bytes of the file? I can't
> find any information that they are used for any other kind
> of file.
A trivial example: Your specified headers all take the form
8c 0d 04 XX ...
The first byte, 8c, or bin 10001100, represents an old-format packet,
tag 3, length type 0 (one octet length). 0d is the length (13), 04 is
the packet version (4), XX is the cipher algorithm, and the rest may vary.
A 100% semantically identical packet could be formatted starting like this:
c3 ff 00 00 00 0d 04 XX ...
The point isn't that this is normal, but that it is _allowed_ and
_could_ be normal in another implementation. A related (and more real)
problem with this heuristic check is that no part of the standard
requires the tag-3 packet to be the first packet in the file. Because
of this, you really need to use a program that knows how to grok all of
OpenPGP to do this sort of checking. It's really not that hard to
design one after having read RFC 2440--I can think of a few ways I'd do
it in Perl--but there's no point in writing a new program for checking
the packets in a GnuPG-produced file when GnuPG already does the same thing.
My two more cents -- PSM
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFUMGxei6R+3iF2vwRAj23AKCq5pGs9LUGWXdq1GKIRcNkckW8bQCfUV1N
Udr4sof6gyjayVVOTpwvNaI=
=wIh2
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list