Check that s2k-count has changed
Chris Poole
lists at chrispoole.com
Fri Jul 8 20:35:57 CEST 2011
On 8 Jul 2011, at 17:31, David Shaw <dshaw at jabberwocky.com> wrote:
> Yes. Note that the list-packets output shows the internal packed value: 6553600 should come out to 201. The default of 65536 would encode to 96.
I do indeed get 201. Out of interest, how is that calculated?
I also changed the digest algorithm to SHA512; the iter+salt line shows this, but still mentions SHA1 protection.
Am I right in thinking that this means SHA1 is always used as a kind of checksum for the passphrase (only that and a simple checksum being specified by RFC4880), but the passphrase itself is stored as a SHA512 digest after 6553600 iterations of the hash function?
Cheers
Chris
More information about the Gnupg-users
mailing list