Check that s2k-count has changed

Chris Poole lists at
Fri Jul 8 20:35:57 CEST 2011

On 8 Jul 2011, at 17:31, David Shaw <dshaw at> wrote:
> Yes.  Note that the list-packets output shows the internal packed value: 6553600 should come out to 201.  The default of 65536 would encode to 96.

I do indeed get 201. Out of interest, how is that calculated?

I also changed the digest algorithm to SHA512; the iter+salt line shows this, but still mentions SHA1 protection.

Am I right in thinking that this means SHA1 is always used as a kind of checksum for the passphrase (only that and a simple checksum being specified by RFC4880), but the passphrase itself is stored as a SHA512 digest after 6553600 iterations of the hash function?



More information about the Gnupg-users mailing list