GNU-divert-to-card S2K format

Werner Koch wk at
Thu Feb 26 11:58:37 CET 2015

On Wed, 25 Feb 2015 10:49, peter at said:

> something. It should be:
> S2K specifier 110

Well, it is 101.  I just updated doc/DETAILS>  It now reads:

* GNU extensions to the S2K algorithm

  1 octet  - S2K Usage: either 254 or 255.
  1 octet  - S2K Cipher Algo: 0
  1 octet  - S2K Specifier: 101
  3 octets - "GNU"
  1 octet  - GNU S2K Extension Number.

  If such a GNU extension is used neither an IV nor any kind of
  checksum is used.  The defined GNU S2K Extension Numbers are:

  - 1 :: Do not store the secret part at all.  No specific data

  - 2 :: A stub to access smartcards.  This data follows:
         - One octet with the length of the following serial number.
         - The serial number. Regardless of what the length octet
           indicates no more than 16 octets are stored.

  Note that gpg stores the GNU S2K Extension Number internally as an
  S2K Specifier with an offset of 1000.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list