ietf-openpgp

Re: Conventional Encryption Keys, 5.3

1998-03-26 15:47:32
On Thu, 26 Mar 1998, Hal Finney wrote:

> I may not have been clear.  The symmetric-key ESK packet does not have
> a 10 byte prefix for the encrypted SK.  It is the next packet, the
> symmetrically encrypted data packet (section 5.7), which has the prefix.
> That prefix allows you to know if the passphrase is good, so there is no
> need for a checksum in the ESK packets.
>
> It is true that the public key ESK packet has a checksum anyway, but it
> is not strictly necessary since the SK gets checked in the very next step
> when we decrypt the message proper.

But you can have *multiple* SKESK entries, one for each of several
passphrases, much like you can have multiple PKE packets.  So do you
rewind and check each one, or do you store the values in an array since
you don't know which of the several is the correct one until you try them
on the actual encrypted message?

--- reply to tzeruch - at - ceddec - dot - com ---
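
The "store the values in an array" option from the message above, as an added example that is not part of the original post or of any OpenPGP implementation: every SKESK yields a candidate session key, and only the 10-byte prefix of the data packet tells the candidates apart. Assumptions: each SKESK is modeled as (salt, encrypted session key), a SHA-256 based function stands in for the 64-bit block cipher, the S2K is simplified, and all function names are hypothetical.

```python
import hashlib, os

BLOCK = 8  # 64-bit block cipher, so the data packet prefix is 8 + 2 = 10 bytes

def E(key, block):
    # Stand-in for the cipher's encrypt direction (CFB never uses decrypt).
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cfb(key, data, decrypt):
    # Plain CFB with an all-zero IV, used here to wrap the session key in an SKESK.
    fr, out = bytes(BLOCK), b""
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        res = xor(chunk, E(key, fr))
        out += res
        fr = chunk if decrypt else res
    return out

def s2k(passphrase, salt):
    # Simplified salted S2K (assumption): hash(salt || passphrase), truncated.
    return hashlib.sha256(salt + passphrase).digest()[:16]

def make_skesk(passphrase, session_key):
    salt = os.urandom(8)
    return salt, cfb(s2k(passphrase, salt), session_key, decrypt=False)

def make_prefix(session_key):
    # 8 random bytes followed by a repeat of the last two, CFB-encrypted.
    rnd = os.urandom(BLOCK)
    c1 = xor(rnd, E(session_key, bytes(BLOCK)))
    return c1 + xor(rnd[-2:], E(session_key, c1))

def prefix_ok(session_key, prefix):
    p1 = xor(prefix[:BLOCK], E(session_key, bytes(BLOCK)))
    p2 = xor(prefix[BLOCK:BLOCK + 2], E(session_key, prefix[:BLOCK]))
    return p1[-2:] == p2

def matching_keys(passphrase, skesks, prefix):
    # No checksum in the SKESK: keep all candidates, let the prefix decide.
    candidates = [cfb(s2k(passphrase, salt), esk, decrypt=True) for salt, esk in skesks]
    return [(i, sk) for i, sk in enumerate(candidates) if prefix_ok(sk, prefix)]

# Constructed sample message: one session key wrapped under three passphrases.
SESSION_KEY = os.urandom(16)
SKESKS = [make_skesk(p, SESSION_KEY) for p in (b"alpha", b"bravo", b"charlie")]
PREFIX = make_prefix(SESSION_KEY)
```

The function returns a list because the check compares only two bytes, so a wrong candidate passes with probability 2^-16. The later OpenPGP specification (RFC 4880, Security Considerations) also cautions that this quick check can serve as an oracle to an attacker who can submit chosen ciphertexts, so it is a hint for selecting the passphrase, not an integrity check.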

