At 09:52 AM 6/11/2000 -0800, hal(_at_)finney(_dot_)org wrote:
<snip>
We could also add, "and no resynchronization is used" to the end of
the second paragraph, just to make that very clear. This would give
us:
Encryption/decryption of the secret data is done in CFB mode using
the key created from the passphrase and the Initial Vector from the
packet. A different mode is used with V3 keys (which are only RSA)
than with other key formats. With V3 keys, the MPI bit count prefix
(i.e., the first two octets) is not encrypted. Only the MPI non-
prefix data is encrypted. Furthermore, the CFB state is
resynchronized at the beginning of each new MPI value, so that the
CFB block boundary is aligned with the start of the MPI data.
With V4 keys, a simpler method is used. All secret MPI values are
encrypted in CFB mode, including the MPI bitcount prefix, and no
resynchronization is used.
The 16-bit checksum that follows the algorithm-specific portion is
the algebraic sum, mod 65536, of the plaintext of all the algorithm-
specific octets (including MPI prefix and data). With V3 keys, the
checksum is stored in the clear. With V4 keys, the checksum is
encrypted like the algorithm-specific data. Note that no CFB
resynchronization is done before the checksum encryption. The checksum
value is used to check that the passphrase was correct.
That looks fine to me Hal.
Regards
Erron Criddle
Comasp Ltd.
Level 2, 45 Stirling Hwy
NEDLANDS WA 6009
Australia
Fax: +61 8 9386 9473
Tel: + 61 8 9386 9534
http://www.comasp.com
ejc(_at_)comasp(_dot_)com