ietf-openpgp

Re: typo in rfc2440: secret key packet format

1999-07-30 05:42:11
Hello,

thank you for your mail.
But I have another question.

At 8:31 -0700 on 28.07.1999, hal(_at_)finney(_dot_)org wrote:
> Sven Wohlgemuth, <sven(_at_)krypt1(_dot_)cs(_dot_)uni-sb(_dot_)de>, writes:
> > is there a typo in the following section?
> >
> > 5.5.3. Secret Key Packet Formats
> >
> >    The Secret Key and Secret Subkey packets contain all the data of the
> >    Public Key and Public Subkey packets, with additional algorithm-
> >    specific secret key data appended, in encrypted form.
> >
> >    The packet contains:
> >
> >      - A Public Key or Public Subkey packet, as described above
> >
> >      - One octet indicating string-to-key usage conventions.  0
> >        indicates that the secret key data is not encrypted.  255
> >        indicates that a string-to-key specifier is being given.  Any
> >        other value is a symmetric-key encryption algorithm specifier.
> >
> >      - [Optional] If string-to-key usage octet was 255, an one-octet
> >                                                ===========
> >      symmetric encryption algorithm.
> >
> > should it be replaced by "was between 0 and 255"?
> > Since a symmetric encryption algorithm specifier is given only if the
> > preceding value is between 0 and 255.
> > Am I right?
>
> No, if the value is between 0 and 255 then that value is the symmetric
> key algorithm specifier.  So if the value is, say, 1, that means to use
> symmetric algorithm 1.  If the value is 255, then the *next* octet holds
> the algorithm specifier.
>
> If you see:
>       1
> then you use algorithm 1.
>
> If you see:
>       255, 1
> then you use algorithm 1, and this is followed by the string-to-key
> specifier.

Does a string-to-key specifier have to follow the specification of the symmetric
algorithm?
Since I can use the MD5 hash value of the passphrase as a symmetric key.
Why should I write
        255, 1
if I just want to use a symmetric algorithm without a s2k-specifier?

     - One octet indicating string-to-key usage conventions.  0
       indicates that the secret key data is not encrypted.  255
       indicates that a string-to-key specifier is being given.  Any
                                                                    ===
       other value is a symmetric-key encryption algorithm specifier.
          =============================================================
Isn't it possible to write
        1, enc_MPI, ...
1 for the sym. algorithm followed by the encrypted MPIs, instead?

Thank you for your help!

Regards,
Sven Wohlgemuth



Sven Wohlgemuth, Department 14, Computer Science, University of
Saarbruecken, Germany, <http://fsinfo.cs.uni-sb.de/~wohlgemuth>,
PGP-Fingerprints:
RSA: 46C3 B9EB B21D EAAF  63C7 D667 F040 88A7
DSS: 56F0 55A2 4DF8 53C1 1E0E  52CB E196 5D18 894F 7C23
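
Added example, not part of the original message or of any OpenPGP implementation: a Python parser for the protection header discussed in this thread, covering the three cases of the string-to-key usage octet (0, 255, any other value). The function name and sample bytes are constructed for illustration; the S2K specifier layouts are taken from RFC 2440 section 3.6.1, which the message itself does not quote.

```python
# Octets that follow the S2K type octet (RFC 2440 section 3.6.1):
# type 0 = hash alg; type 1 = hash alg + 8-octet salt;
# type 3 = hash alg + 8-octet salt + 1 coded count octet.
S2K_EXTRA = {0: 1, 1: 9, 3: 10}

def parse_protection(buf):
    """Parse the octets that follow the public-key fields of a secret key packet.

    Returns (info, offset); offset is the index of the first octet after the
    header (the IV when the key is encrypted, the cleartext MPIs otherwise).
    """
    if not buf:
        raise ValueError("truncated: missing string-to-key usage octet")
    usage = buf[0]
    if usage == 0:
        return {"encrypted": False, "sym_alg": None, "s2k": None}, 1
    if usage != 255:
        # The usage octet itself names the cipher and no S2K specifier is
        # stored; the key is the plain MD5 hash of the passphrase.
        return {"encrypted": True, "sym_alg": usage, "s2k": None}, 1
    if len(buf) < 3:
        raise ValueError("truncated: 255 must be followed by algorithm and S2K")
    sym_alg, s2k_type = buf[1], buf[2]
    if s2k_type not in S2K_EXTRA:
        raise ValueError(f"unknown S2K specifier type {s2k_type}")
    end = 3 + S2K_EXTRA[s2k_type]
    if len(buf) < end:
        raise ValueError("truncated S2K specifier")
    s2k = {"type": s2k_type, "hash_alg": buf[3]}
    if s2k_type in (1, 3):
        s2k["salt"] = bytes(buf[4:12])
    if s2k_type == 3:
        c = buf[12]
        s2k["count"] = (16 + (c & 15)) << ((c >> 4) + 6)
    return {"encrypted": True, "sym_alg": sym_alg, "s2k": s2k}, end

# Constructed sample headers (not taken from a real key).
SAMPLE_LEGACY = bytes([1]) + bytes(8)               # "1", then the IV
SAMPLE_S2K = (bytes([255, 1, 3, 2]) + bytes(range(8))
              + bytes([96]) + bytes(8))             # "255, 1", S2K, then the IV

if __name__ == "__main__":
    for name, sample in (("legacy", SAMPLE_LEGACY), ("s2k", SAMPLE_S2K)):
        print(name, parse_protection(sample))
```

Both sample headers select symmetric algorithm 1; only the second carries a salt and iteration count, so only the second is protected by more than an unsalted MD5 of the passphrase.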


