Discrepancies in extracted photo-id images from dumps
Stefan Claas
sac at 300baud.de
Mon Jan 21 15:10:21 CET 2019
On Mon, 21 Jan 2019 14:21:53 +0100, Peter Lebbing wrote:
Hi Peter,
> - Take the User Attribute Packet
> - Strip off the header: 1 byte tag, and in my case, 2 bytes length
> (lengths are encoded on 1, 2 or 5 bytes)
> - Hash what's left
>
> So:
>
> $ gpg --export KEYID | gpgsplit
>
> Take a file named *.attribute
>
> Is the file smaller than 194 bytes? Wow, small attribute. Drop the first
> two bytes.
>
> Is the file between 194 and 8386 bytes inclusive? Drop the first three.
>
> If it's larger than 8386 bytes, drop the first six bytes.
>
> And hash the rest of the file.
>
> $ dd if=002839-017.attribute bs=1 skip=3 status=none|gpg --print-md RIPEMD160
>
> For a real implementation, it's better to inspect the length field
> rather than reverse-compute its own length based on the file size.
This is very interesting, thanks a lot! So, many things can be explored
when using GnuPG ... :-)
> Python:
>
> --8<---------------cut here---------------start------------->8---
> b32s = "ybndrfg8ejkmcpqxot1uwisza345h769"
> def b32enc(i):
> s = ""
> while i:
> s = b32s[i & 0x1f] + s
> i >>= 5
> return s
>
> def b32dec(s):
> out = 0
> for c in s:
> out = (out << 5) + b32s.index(c)
> return out
> --8<---------------cut here---------------end--------------->8---
>
> If the encoded string is shorter than expected, prepend y's :-). It's
> the simplest code that sort-of works. There might be more issues, it's
> really bare-bones.
Nice!
Regards
Stefan
More information about the Gnupg-users
mailing list