Add secret-key decryption to _parse_generic_secret_key_packet
The checksum checks will fail with encrypted algorithm-specific key
data. This adds handling to decrypt the encrypted section with a new
PGPPacket.decrypt_symmetric_encryption stub that still needs to be
filled in. From RFC 4880 [1]:
With V4 keys, a simpler method is used. All secret MPI values are
encrypted in CFB mode, including the MPI bitcount prefix.
The two-octet checksum that follows the algorithm-specific portion
is the algebraic sum, mod 65536, of the plaintext of all the
algorithm- specific octets (including MPI prefix and data). With
V3 keys, the checksum is stored in the clear. With V4 keys, the
checksum is encrypted like the algorithm-specific data.
[1]: http://tools.ietf.org/search/rfc4880#section-5.5.3
projects / gpg-migrate.git / commit