Weak encryption keys
joefresh at gmx.us
joefresh at gmx.us
Tue Mar 23 14:42:49 CET 2021
> Interestingly, when I tried searching the latest GnuPG code base (cloned from github)
> for the "Weak encryption key" error message, nothing showed up.
>
> $ "grep -iRl "Weak encryption key" gnupg
> <no matches>
>
It appears that the problem lies in libgcrypt, which refuses to set a key for this
cipher that's considered weak.
libgcrypt/cipher/blowfish.c
static gcry_err_code_t
do_bf_setkey (BLOWFISH_context *c, const byte *key, unsigned keylen)
...
/* Check for weak key. A weak key is a key in which a value in
the P-array (here c) occurs more than once per table. */
if (weak)
return GPG_ERR_WEAK_KEY;
More information about the Gnupg-users
mailing list