OpenPGP 标签 18/19 描述混乱

发布于 2024-11-07 10:07:27 字数 677 浏览 3 评论 0原文

有人可以帮我清理一下 MDC 和数据加密吗?在 rfc 4880 中,它说:

要传输的数据的明文 加密通过 SHA-1 传递 哈希函数,以及结果 哈希值被附加到明文中 修改检测代码包。 哈希函数的输入 包括所描述的前缀数据 多于;它包括所有的 明文,然后还包括两个 值 0xD3、0x14 的八位字节。这些 表示a的编码 修改检测代码包标签 和 20 个八位字节的长度字段。

起初,看起来 mdc (没有它的头数据)只是: sha1([data]) -> hash_value

那么第二句直到分号使它看起来像 sha1(OpenPGP_CFB_extra_data + [data]) -> hash_value

分号后面的内容让我看起来应该这样做 sha1([data] + "\xd3\x14") ->哈希值。 (这完全没有道理,不过好像是这么写的)

这是怎么回事?

获得正确的 MDC 后,如何处理它?它是它自己的数据包,还是类似的东西(根据我的理解)完成?:

tag18_header + encrypt(plaintext + "\xd3\x14" + 20 byte hash)

Can someone please clear up a bit of MDC and data encryption for me? in rfc 4880, it says:

The plaintext of the data to be
encrypted is passed through the SHA-1
hash function, and the result of the
hash is appended to the plaintext in a
Modification Detection Code packet.
The input to the hash function
includes the prefix data described
above; it includes all of the
plaintext, and then also includes two
octets of values 0xD3, 0x14. These
represent the encoding of a
Modification Detection Code packet tag
and length field of 20 octets.

at first, it seems like the mdc (without its header data) is just: sha1([data]) -> hash_value

then the second sentence up to the semicolon makes it seem like sha1(OpenPGP_CFB_extra_data + [data]) -> hash_value

the stuff after the semicolon makes it seem like I am supposed to do sha1([data] + "\xd3\x14") -> hash_value. (this doesnt make sense at all, but it seems to be what is written)

what is going on?

after getting the correct MDC, what is done with it? is it its own packet, or something like this (according to my understanding) done?:

tag18_header + encrypt(plaintext + "\xd3\x14" + 20 byte hash)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

尾戒 2024-11-14 10:07:27

阅读 RFC 4880 和部分 GnuPG 源代码 (g10/cipher.c 似乎是处理此问题的地方),我的解释是这样的:

  • 0xd3是MDC数据包标签。
  • 0x14是MDC数据包长度(20字节)。

MDC 哈希值的计算方式如下:

MCD_hash = SHA-1(OpenPGP_CFB_extra_data + [plaintext] + "\xd3\x14")

然后将其附加到明文消息并加密:

encrypt(OpenPGP_CFB_extra_data + [plaintext] + "\xd3\x14" + MDC_hash)

解密时,通过计算除最后 20 个字节之外的所有内容的 SHA-1 并将结果与​​最后 20 个字节进行比较来验证此哈希值,如 RFC第4880章50):

在解密过程中,明文数据应使用 SHA-1 进行哈希处理,包括前缀数据以及数据包标签长度字段 > 修改检测代码数据包。解密后,MDC 数据包的正文将与 SHA-1 哈希的结果进行比较。

After reading RFC 4880 and parts of the GnuPG source code (g10/cipher.c seems to be the place where this is handled), I interpret it is like this:

  • 0xd3 is the MDC packet tag.
  • 0x14 is the MDC packet length (20 bytes).

The MDC hash is computed like this:

MCD_hash = SHA-1(OpenPGP_CFB_extra_data + [plaintext] + "\xd3\x14")

Then this is appended to the plaintext message and encrypted:

encrypt(OpenPGP_CFB_extra_data + [plaintext] + "\xd3\x14" + MDC_hash)

When decrypted, this hash is verified by computing SHA-1 of everything but the last 20 bytes and comparing the result to the last 20 bytes, as RFC 4880 writes (page 50):

During decryption, the plaintext data should be hashed with SHA-1, including the prefix data as well as the packet tag and length field of the Modification Detection Code packet. The body of the MDC packet, upon decryption, is compared with the result of the SHA-1 hash.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文