On Thu, Mar 12, 2015 at 10:56 AM, Werner Koch <w...@gnupg.org> wrote: > On Wed, 11 Mar 2015 20:39, p...@heypete.com said: > >>> One more question: Is there any standardization in output formats >>> between encryption programs and libraries, for example say you encrypt >>> with AES128 in CBC, with the same key (directly or via passphrase), and >>> since the output will have to have, in addition to the actual >>> ciphertext, algorithm indentification on it, possible pasphrase-to-key, >>> plus mode-specific data such as the iv/nonce, is there a specification >>> of the format of how these come in? >> >> You'd have to ask Werner, the head developer, about that. > > Sorry, I do not understand the question. The format is defined by the > OpenPGP standard or the CMS standard (aka S/MIME). There are also some > other less common formats. > > Or is the question how applications present this to the user or whether > a standard API is defined? That is not defined by one of these > protocols.
I (perhaps incorrectly) interpreted the question as "If GnuPG makes backwards-incompatible changes in the future, would it be possible for one who knows the encryption algorithm used, key, etc. of a message to decrypt that message with other, non-GnuPG tools?" For example, if one knows that CAST5-CFB, ZIP, and salted-and-iterated S2K was used (as well as the value of the salt and number of iterations), might one be able to decrypt the message using OpenSSL and other common utilities? I suspect yes, as the encryption and compression methods are standards, but doing so would probably be non-trivial. I could be wrong with both the interpretation of the question and the answer, though. Cheers! -Pete -- Pete Stephenson _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
