ietf-openpgp

Re: Preparing a new draft...

2001-08-23 08:36:01

On Thu, 23 Aug 2001 10:23:16 -0400, Michael Young said:

Here is (my perception of) the structure of an integrity-protected
packet sequence:

    SEIP-data packet {
        <version=1>
        encrypt-CFBn[key](
            <plaintext>
            MDC packet { SHA-1 hash }
        )
    }

Correct, however the plaintext is usually a compressed packet but can
be any other packet as allowed by the OpenPGP grammar.  That the MDC
has a form of a packet is probably due to my request because it can
make things easier.  However an implementation can ignore the fact
that this is a packet and handle it just like a checksum with a fixed
header.

GnuPG encodes the <plaintext> using an old-style indeterminate
length packet.  This requires a parser to carve off the

Sure, there is no other way to do this when you don't know the length of
the text in advance.  This is very common for Unix tools and that
feature is one of the great advantages of OpenPGP.

    Is the <plaintext> *required* to be an "OpenPGP message"?

Yes.

    Are indeterminate packets legal inside other indeterminate
    packets?  If not, are they legal inside strictly bounded

Yes. 

There are only a few places where such packets are not allowed.  I
think this is the case for key packets but I am not sure what the
specs do say; GnuPG handles this automagically.

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus
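
An added example, not part of the original message and not GnuPG's code: a streaming check that treats the MDC as a fixed-header checksum and carves it off the end of decrypted data whose inner packet has indeterminate length. It assumes the input is already CFB-decrypted, and takes the prefix layout and hash coverage (prefix, plaintext, and the two MDC header octets) from RFC 4880 sections 5.13 and 5.14; the class, function names and sample bytes are constructed for illustration.

```python
import hashlib
import hmac

MDC_HEADER = b"\xd3\x14"        # new-format tag 19, body length 20
MDC_LEN = len(MDC_HEADER) + 20  # header + SHA-1 digest = 22 octets

class MdcStream:
    """Consume decrypted SEIP data in chunks, holding back the MDC tail."""

    def __init__(self, block_size):
        self._prefix_left = block_size + 2  # random prefix + 2 repeated octets
        self._sha1 = hashlib.sha1()
        self._tail = b""                    # last <= 22 octets seen so far

    def feed(self, chunk):
        """Return octets now known to be packet data rather than MDC."""
        buf = self._tail + chunk
        safe, self._tail = buf[:-MDC_LEN], buf[-MDC_LEN:]
        self._sha1.update(safe)
        skip = min(self._prefix_left, len(safe))  # prefix is hashed, not returned
        self._prefix_left -= skip
        return safe[skip:]

    def finish(self):
        """Verify the held-back tail; raise ValueError on any failure."""
        if self._prefix_left or len(self._tail) != MDC_LEN:
            raise ValueError("truncated: no room for prefix and MDC")
        if self._tail[:2] != MDC_HEADER:
            raise ValueError("trailing octets are not an MDC packet")
        self._sha1.update(MDC_HEADER)       # the hash covers the MDC header too
        if not hmac.compare_digest(self._sha1.digest(), self._tail[2:]):
            raise ValueError("MDC mismatch: data was modified")

def build_sample(block_size=16):
    # Constructed sample, not real GnuPG output.
    prefix = bytes(range(block_size))
    prefix += prefix[-2:]
    # 0xA3: old-style header, tag 8 (compressed data), indeterminate length.
    body = b"\xa3\x01" + b"opaque compressed octets " * 4
    digest = hashlib.sha1(prefix + body + MDC_HEADER).digest()
    return body, prefix + body + MDC_HEADER + digest

def check(decrypted, block_size=16, chunk=7):
    s = MdcStream(block_size)
    parts = [s.feed(decrypted[i:i + chunk]) for i in range(0, len(decrypted), chunk)]
    s.finish()  # output from feed() must not be trusted before this succeeds
    return b"".join(parts)
```

Because the inner packet has no length, the only way to find the MDC is to wait for end of input, so data returned by feed() is unauthenticated until finish() succeeds.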

