On Thu, May 06, 2004 at 04:27:49PM -0400, Hasnain Mujtaba wrote:
Thank you for the answer David. If, as the RFC states, we canoncialize
the data before storing it in the literal packet, then the
implementation is tampering with the file before performing the
operation, say encryption.
"Tampering" is perhaps a little strong. The canonicalization is part
of the standard, so while it may be tampering, it's legal
tampering. ;)
When I use GPG to encrypt and decrypt a text file, the checksums of
the source text file and the decrypted file are the same. So, the
file in not being canonicalized prior to encryption?
Maybe, maybe not. If you are encrypting and decrypting that text file
on the same platform, then you would expect to end up with the same
file since the data is canonicalized on the way in, and
decanonicalized on the way out.
Alternately, if you specified the text file as binary, then no
canonicalization is done.
GnuPG uses the "--textmode" switch to turn on canonicalization. PGP
has a checkbox for it named something like "Input is text".
David