-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Isn't that too short for a 256-bit key?
Indeed, my post included a 128-bit key computation. (I also
used MD5, rather than SHA1 as asked.) Sorry about that.
For a 256-bit key, based on SHA1, I get:
53.f2.fd.a7.69.7d.0b.a6.c0.ee.18.4f.89.db.1d.f8.
14.6c.d4.ad.36.1b.8c.4e.63.13.ab.68.75.a7.ad.0b.
I also generated a 64k-sized file and tested with "sha1sum",
getting the same first 20 bytes.
>>Sadly, GnuPG (1.2.2)'s --show-session-key doesn't seem to work on
>>symmetrically encrypted packets, but it might be easy to tweak.
>
>
> That's not what show-session-key is for. It's for, well, showing
> session keys ;)
I think you may have misread my comment as wanting to produce the
session key that protects a secret key, based on the original
context.
I did not. I was talking about a "conventionally encrypted" message,
using a Symmetrically Encrypted Data Packet. If the S2K doesn't
include an (*optional*) encryption of the session key, then the S2K
computation result *is* the session key; I was simply trying to use
that feature to generate an S2K output to check mine.
I think that the intended purpose of GnuPG's session key feature is
equally applicable here. If you disagree, I'd be happy to discuss it
in a GnuPG forum. In any case, it's not an OpenPGP issue.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBP7k3wuc3iHYL8FknEQLiKgCfX19EOKUNQzbuv016mWTTamca9j8AoOEE
l94AOHh1yXmDF5ARHrIvuGxx
=9Yzg
-----END PGP SIGNATURE-----