Hi,
I'm pleased to report that I've just added support for decrypting SEIP
packets as well as verifying MDC packets to Sequoia. See:
https://gitlab.com/sequoia-pgp/sequoia/commit/e304deb0fc7a92801cf3ba58aafeb…
Currently, there is only a low-level interface. The basic usage is
more or less shown in the decryption unit test:
https://gitlab.com/sequoia-pgp/sequoia/blob/e304deb0fc7a92801cf3ba58aafeb14…
Basically, we create a packet parser as usual:
let mut pp = PacketParserBuilder::from_file(&path).unwrap()
.buffer_unread_content()
.finalize()
.expect(&format!("Error reading {}", filename)[..])
.expect("Empty message");
Then, we iterate over the message, and when we encounter a SEIP
packet, we decrypt it:
if let Packet::SEIP(_) = pp.packet {
pp.decrypt(algo, &key[..]).unwrap();
}
Now, if we recurse on the SEIP packet (pp.recurse() instead of
pp.next()), we will iterate over the decrypted packets (otherwise the
decrypted data will be stored in packet.body).
When we encounter the MDC packet, we can check the hash as follows:
if let Packet::MDC(mdc) = pp.packet {
assert_eq!(mdc.computed_hash, mdc.hash);
}
Right now, it is up to the implementation to gather the SK-ESK and
PK-ESK packets and extract the symmetric encryption algorithm and
session key.
When using a Message to parse a message all a once, it is currently
not possible to decrypt the SEIP packets.
Another current limitation has to do with the packet parser and not
symmetric decryption per se: when a packet in the SEIP packet has an
indefinite length (which is how GnuPG encodes the length of compressed
data packets), Sequoia assumes that the remaining data belongs to
packet with the indefinite length; if some data is unread, Sequoia
just drops the data instead of looking for more packets.
If someone is looking for a small project, consider adding a decrypt
command to sq.
:) Neal
