Multiple Sym. Encrypted Packets

Peter S. May me at psmay.com
Tue Nov 7 18:45:18 CET 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My thinking is that this isn't so much a problem with packet formats as
general syntax.  It sounds like you're trying to put two distinct
OpenPGP messages into the same file.  The section "OpenPGP Messages"
(10.3 in RFC2440-bis-18) in the spec defines the orders of packets that
make sense.  If you've taken a compiler design course or know how to use
yacc/bison, it's straightforward to find that [PKESK][SED][PKESK][SED]
and [PKESK][PKESK][SED][SED] are not syntactically valid.

If you want your stream to contain multiple OpenPGP messages, you'll
have to figure out how to do it outside of OpenPGP proper.

Good fortune
PSM

Emlyn Jones wrote:
> Hello,
> I've written some code to generate an encrypted message which I can
> successfully decrypt using gpg. Currently the packet stream contains
> one Public-Key Encrypted Session Key Packet and one Symmetrically
> Encrypted Data Packet and works perfectly. However, I would like to
> set up the packet stream to contain multiple pairs of these packets.
> When I try it gpg fails to correctly read the packet immediately
> following the SED packet (it finds an invalid packet). Am I making
> sense?
> This works:
> [PKESK][SED]
> as does this:
> [PKESK] [PKESK][SED]
> 
> This doesn't:
> [PKESK][SED][PKESK][SED] (fails reading the second PKESK)
> 
> This will read the two PKESK packets and the first SED but not the final
> one:
> [PKESK][PKESK][SED][SED]
> 
> I have two questions:
> i)Should this be possible?
> ii)Are there any tools  (other than gpg -vvv) to help debug what gpg
> is finding in my packet stream?
> iii)I'm pretty confident the size of the SED packet is specified
> correctly but do I need to make sure that the SED packet size is a
> multiple of the algorithm's block size?
> 
> Any pointers gratefully received.
> Thanks,
> Emlyn.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFUMYmei6R+3iF2vwRAhZSAKCJFNWzaUbpIEsKLN5GhtAQ06r26wCgqIaq
Rf35KOxBShwNvsekgo2kjHc=
=hmp9
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list