From cc8f9224e89e64b3fe00a927738d8d9282b5d203 Mon Sep 17 00:00:00 2001
From: "W. Trevor King" <wking@tremily.us>
Date: Sat, 21 Dec 2013 10:30:44 -0800
Subject: [PATCH] Add salted string-to-key support to PGPPacket._string_to_key

From RFC 4880 [1]:

  Salted S2K is exactly like Simple S2K, except that the input to the
  hash function(s) consists of the 8 octets of salt from the S2K
  specifier, followed by the passphrase.

[1]: http://tools.ietf.org/search/rfc4880#section-3.7.1.2
---
 gpg-migrate.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/gpg-migrate.py b/gpg-migrate.py
index 0bf1133..c683a5b 100755
--- a/gpg-migrate.py
+++ b/gpg-migrate.py
@@ -861,6 +861,8 @@ class PGPPacket (dict):
         key = b''
         if self['string-to-key-type'] == 'simple':
             update_bytes = string
+        elif self['string-to-key-type'] == 'salted':
+            update_bytes = self['string-to-key-salt'] + string
         else:
             raise NotImplementedError(
                 'key calculation for string-to-key type {}'.format(
@@ -868,7 +870,10 @@ class PGPPacket (dict):
         for padding in range(hashes):
             string_hash = _hashlib.new(hash_name)
             string_hash.update(padding * b'\x00')
-            if self['string-to-key-type'] == 'simple':
+            if self['string-to-key-type'] in [
+                    'simple',
+                    'salted',
+                    ]:
                 string_hash.update(update_bytes)
             key += string_hash.digest()
         key = key[:key_size_bytes]
-- 
2.26.2