test-410-session-key-util-js
v0.1.9
Published
Session Key Utility ===================
Downloads
1,045
Readme
Session Key Utility
This tool extracts the session key payloads from a GPG encrypted file.
Usage
Extract a Payload
Given an encrypted ciphertext file, extract the encrypted session key packet into a new file whose ciphertext has been removed.
await Extract(<pgp message>)
Inspect an Extracted Payload
Inspect the packets in an extracted payload, verifying if the bytes have been emptied by extract
TODO
Example
# [User] Generate ciphertext
echo "secret message" | gpg --encrypt --recipient [email protected] > ciphertext.gpg
# [User]{Session Key Utility} Extract the session key
await Extract(<ciphertext.gpg pgp message>) # produces a Uint8Array containing extracted session key packet
# Write the extracted session key byte array to a file
# [Cold Storage] Decrypts the session key, without having any access to the ciphertext
gpg --show-session-key --ignore-mdc-error session-key.txt
> gpg: session key: '9.2:200BE76024B43431007A52C28C11C5A0A932D92DD6295D435E78245E4F641DDF'
# [User] Can now decrypt their payload with the session-key
gpg --override-session-key '9.2:200BE76024B43431007A52C28C11C5A0A932D92DD6295D435E78245E4F641DDF' --decrypt ciphertext.gpg
> secret message
Background
- GPG packet enum source code:
- OpenPGP Message RFC defines packet types in section #5