Confirmation of cipher?

Werner Koch wk at gnupg.org
Thu Sep 12 12:48:49 CEST 2013


On Wed, 11 Sep 2013 22:46, jack at jack-brennan.com said:

> When one signs a message GnuPG will add "Hash:SHA1" or your preferred
> hash at the start of the message.

Only if you use --clearsign. This is required here so that we can
implement one pass verification.  We need to know in advance which hash
algorithm is used.  Thus this header line.  Now when it comes to the
signature block, the same information is there and gpg cross-checks that
they match (it is a bit more complicated in reality, though).

> However a similar line of text isn't available with an encrypted text
> block. Is the reason for this to hide as much

We sign and then encrypt.  Thus the hashing algorithm for the signature
is only available after decryption.

> Is there any way to confidently identify the encryption algorithm used
> with a GPG encrypted text block?

Yes.  For a quick inspection use --verbose (or -v):

  $ fortune | gpg2 -er alpha --always-trust 2>/dev/null| gpg2 -v
[...]
  gpg: encrypted with 1024-bit ELG key, ID DB2405A5, created 1998-09-30
        "Heinrich Heine (alpha test key)"
  gpg: using subkey C193565B instead of primary key 1E42B367
  gpg: encrypted with 2048-bit RSA key, ID C193565B, created 2011-11-07
        "Werner Koch <wk at gnupg.org>"
  gpg: 3DES encrypted data
  gpg: original file name=''
  He was part of my dream, of course -- but then I was part of his dream too.
                  -- Lewis Carroll

For scripting etc use --status-fd:

  $ fortune | gpg2 -er alpha --always-trust 2>/dev/null| gpg2 --status-fd 2 
[...]
  [GNUPG:] ENC_TO F7849FD4DB2405A5 16 0
  [GNUPG:] ENC_TO DF7B7722C193565B 1 0
  gpg: encrypted with 1024-bit ELG key, ID DB2405A5, created 1998-09-30
        "Heinrich Heine (alpha test key)"
  [GNUPG:] NO_SECKEY F7849FD4DB2405A5
  gpg: encrypted with 2048-bit RSA key, ID C193565B, created 2011-11-07
        "Werner Koch <wk at gnupg.org>"
  [GNUPG:] BEGIN_DECRYPTION
  [GNUPG:] DECRYPTION_INFO 0 2
  [GNUPG:] PLAINTEXT 62 1378982325 
  [GNUPG:] PLAINTEXT_LENGTH 96
  Q:      What's the difference between a duck and an elephant?
  A:      You can't get down off an elephant.
  [GNUPG:] DECRYPTION_OKAY
  gpg: WARNING: message was not integrity protected
  [GNUPG:] END_DECRYPTION

Here the status line    

  [GNUPG:] DECRYPTION_INFO 0 2

returns the info about the used symmetric algorithm:

  DECRYPTION_INFO <mdc_method> <sym_algo>
    Print information about the symmetric encryption algorithm and the
    MDC method.  This will be emitted even if the decryption fails.

Thus in our case we don't use an MDC (this is because the alpha test key
is very old and does not have a preference for this).  The symmetric
encryption algorithm is 2 which is the OpenPGP id for TripleDES.

Note, that GPGME has currently no way to return that info.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
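
Added example, not part of the original post and not GnuPG code: a small Python parser for the --status-fd lines shown above that maps the DECRYPTION_INFO and ENC_TO numbers to OpenPGP algorithm names and reports a missing MDC. The function names and the WEAK policy set are assumptions made for illustration; the sample is a subset of the lines from the post's output.

```python
import re

# OpenPGP symmetric-cipher ids (RFC 4880 sec. 9.2; 11-13 from RFC 5581).
SYM_ALGOS = {0: "Plaintext", 1: "IDEA", 2: "TripleDES", 3: "CAST5",
             4: "Blowfish", 7: "AES128", 8: "AES192", 9: "AES256",
             10: "Twofish", 11: "Camellia128", 12: "Camellia192", 13: "Camellia256"}
# Public-key algorithm ids as they appear in ENC_TO (RFC 4880 sec. 9.1).
PK_ALGOS = {1: "RSA", 16: "ELG"}
# Assumed local policy, not a GnuPG setting: ciphers this script flags.
WEAK = {"Plaintext", "IDEA", "TripleDES", "CAST5", "Blowfish"}
# Leading whitespace is accepted only because the sample is indented as in the post.
STATUS_RE = re.compile(r"^\s*\[GNUPG:\] (\S+)\s*(.*)$")

# Subset of the status and diagnostic lines shown in the post.
SAMPLE = """\
  [GNUPG:] ENC_TO F7849FD4DB2405A5 16 0
  [GNUPG:] ENC_TO DF7B7722C193565B 1 0
  gpg: encrypted with 2048-bit RSA key, ID C193565B, created 2011-11-07
  [GNUPG:] DECRYPTION_INFO 0 2
  [GNUPG:] DECRYPTION_OKAY
  gpg: WARNING: message was not integrity protected
"""

def parse_status(text):
    """Collect recipients, cipher and MDC use from --status-fd output."""
    info = {"recipients": [], "sym": None, "mdc": None, "ok": False}
    for line in text.splitlines():
        m = STATUS_RE.match(line)
        if not m:
            continue  # "gpg: ..." diagnostics are not status lines
        key, args = m.group(1), m.group(2).split()
        if key == "ENC_TO" and len(args) >= 2:
            algo = int(args[1])
            info["recipients"].append((args[0], PK_ALGOS.get(algo, f"pk#{algo}")))
        elif key == "DECRYPTION_INFO" and len(args) >= 2:
            info["mdc"] = args[0] != "0"  # mdc_method 0: no MDC
            info["sym"] = SYM_ALGOS.get(int(args[1]), f"sym#{args[1]}")
        elif key == "DECRYPTION_OKAY":
            info["ok"] = True
    return info

def findings(info):
    """Return policy violations for one message."""
    out = []
    if info["sym"] in WEAK:
        out.append(f"weak cipher: {info['sym']}")
    if info["mdc"] is False:
        out.append("no MDC (not integrity protected)")
    return out
```

In a real script, give --status-fd a descriptor of its own instead of sharing 2 or stdout, so that decrypted plaintext or diagnostics cannot be mistaken for status lines.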



