For Encrypted Session Key Packets (Section 5.1) the OpenPGP spec states:
The encrypted value "m" in the above formulas is derived from the
session key as follows. First the session key is prepended with a
one-octet algorithm identifier that specifies the conventional
encryption algorithm used to encrypt the following Symmetrically
Encrypted Data Packet. *Then a two-octet checksum is appended which is
equal to the sum of the preceding octets, including the algorithm
identifier and session key, modulo 65536.*
The problem is with the checksum, the spec states that it includes the
algorithm identifier, whereas in PGP 2.x it actually doesn't, it only
includes the session key itself. I'm not sure is this is the case for PGP
5.x though. Also it might be handy to mention that the checksum is in MSB
ordering.
So perhaps if it was changed to:
Then a two-octet checksum in MSB order is appended, which is
equal to the sum of the preceding session key octets, modulo 65536.
--
Lindsay Mathieson
Black Paw Communications
Using MailCat for Win32 Release Vs 2.7, on January 25, 1998, in Win95
4.0
http://www.blackpaw.com/