OpenPGP 标签 18/19 描述混乱
有人可以帮我清理一下 MDC 和数据加密吗?在 rfc 4880 中,它说:
要传输的数据的明文 加密通过 SHA-1 传递 哈希函数,以及结果 哈希值被附加到明文中 修改检测代码包。 哈希函数的输入 包括所描述的前缀数据 多于;它包括所有的 明文,然后还包括两个 值 0xD3、0x14 的八位字节。这些 表示a的编码 修改检测代码包标签 和 20 个八位字节的长度字段。
起初,看起来 mdc (没有它的头数据)只是: sha1([data]) -> hash_value
那么第二句直到分号使它看起来像 sha1(OpenPGP_CFB_extra_data + [data]) -> hash_value
分号后面的内容让我看起来应该这样做 sha1([data] + "\xd3\x14") ->哈希值。 (这完全没有道理,不过好像是这么写的)
这是怎么回事?
获得正确的 MDC 后,如何处理它?它是它自己的数据包,还是类似的东西(根据我的理解)完成?:
tag18_header + encrypt(plaintext + "\xd3\x14" + 20 byte hash)
Can someone please clear up a bit of MDC and data encryption for me? in rfc 4880, it says:
The plaintext of the data to be
encrypted is passed through the SHA-1
hash function, and the result of the
hash is appended to the plaintext in a
Modification Detection Code packet.
The input to the hash function
includes the prefix data described
above; it includes all of the
plaintext, and then also includes two
octets of values 0xD3, 0x14. These
represent the encoding of a
Modification Detection Code packet tag
and length field of 20 octets.
at first, it seems like the mdc (without its header data) is just: sha1([data]) -> hash_value
then the second sentence up to the semicolon makes it seem like sha1(OpenPGP_CFB_extra_data + [data]) -> hash_value
the stuff after the semicolon makes it seem like I am supposed to do sha1([data] + "\xd3\x14") -> hash_value. (this doesnt make sense at all, but it seems to be what is written)
what is going on?
after getting the correct MDC, what is done with it? is it its own packet, or something like this (according to my understanding) done?:
tag18_header + encrypt(plaintext + "\xd3\x14" + 20 byte hash)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
阅读 RFC 4880 和部分 GnuPG 源代码 (g10/cipher.c 似乎是处理此问题的地方),我的解释是这样的:
0xd3是MDC数据包标签。0x14是MDC数据包长度(20字节)。MDC 哈希值的计算方式如下:
然后将其附加到明文消息并加密:
解密时,通过计算除最后 20 个字节之外的所有内容的 SHA-1 并将结果与最后 20 个字节进行比较来验证此哈希值,如 RFC第4880章50):
After reading RFC 4880 and parts of the GnuPG source code (g10/cipher.c seems to be the place where this is handled), I interpret it is like this:
0xd3is the MDC packet tag.0x14is the MDC packet length (20 bytes).The MDC hash is computed like this:
Then this is appended to the plaintext message and encrypted:
When decrypted, this hash is verified by computing SHA-1 of everything but the last 20 bytes and comparing the result to the last 20 bytes, as RFC 4880 writes (page 50):