yOn Thu, 13 May 1999 hal(_at_)226-132(_dot_)adsl2(_dot_)avtel(_dot_)net wrote:
encryptwithmdc( <plaintext packet>, <mdc packet> )
(Note that what I showed here as "<plaintext packet>" could actually
be multiple packets long. It would be better described as an "<OpenPGP
Message>" in the syntax of section 10.2 of RFC2440.)
If we did go with something like this, how would we handle the hashing
of the packet headers on the mdc packet? They should probably be hashed
too, don't you think?
The simplest case from my point of view would be that we hash all the
encrypted material except for the last 20 bytes (assuming we settle on
a SHA-1 hash).
You probably would have the entire MDC packet in the buffer, so you could
use the prefix MDC as a sort of initial text to the hash function.
And also hash the beginning of the MDC value packet. It would end up with
the final 20 bytes at the end, so it should work almost transparently.
One note, that it could mean hashing the packet content at this level
including the CTB bytes. I would rather not hash the CTB, or hash a
"normalized" CTB sort of the way keys are prefixed with 99 hh ll for their
signature hash.