[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Sample Twofish message
> I believe Uri was referring to the passphrase-protected secret key
> data, which does use an IV in the conventional sense.
Hmmm, from the pgp 2.6.3 documentation about secret key certificates:
| and the checksum is used to tell if the password was good. The CFB
| IV field is just encrypted random data, assuming the "true" IV was
This is what is done in GnuPG too and I have checked interoperability
against pgp 5.0beta.
> the rest of the packet anyway, so there is no need to parse it. You do
> have information about the overall packet size from the packet headers,
> so you can just skip past the encrypted data.
Sure, it adds extra complexity to the already complex issue with
S2K and pgp2 mode - but no problem ;-)
> approach for this problem. I will post a summary later this morning.
This means late evening in Europe :-(
Werner Koch at guug.de www.gnupg.org keyid 621CC013