Regarding the 2 octet checksum (that is encrypted), how do we encrypt:
If you're asking whether there is a CFB resync before the checksum, then
the answer is no.
Perhaps Hal would be willing to change the wording to something like:
With V4 keys, a simpler method is used. All secret MPI values
(including their MPI bitcount prefixes) and the checksum are
encrypted in CFB mode, without any resynchronization.
16 bit checksum = 16 most significant bits (sum of Secret MPI's ASCII
values MOD 65536)
Actually, it's mod 2^16, which means the *least* significant bits.
It's raw binary data; there is no character set involved.
The description of the checksum in the spec looks pretty airtight to me.
this also assumes a big endian system.
The checksumming itself doesn't depend on the encoding system -- you're
adding individual octets (not 16-bit things). The result is indeed
encoded most-significant-octet-first, like all other multi-octet numbers.