ch20: decrypt

book/source/21-zoom_encyption.md

@@ -7,6 +7,8 @@ SPDX-License-Identifier: CC-BY-SA-4.0
 
 ## SEIPD v2
 
+### Encrypt
+
 We encrypt a short message to Alice, using a public certificate version of {ref}`alice_priv`:
 
 ```text
@@ -27,6 +29,8 @@ cgIHAQaWc/Ip4Thq0EZDZwlpRUk/TUL+TWEpsGdQs8ifDyFAk7t3+3XvvLr5dUg3
 -----END PGP MESSAGE-----
 ```
 
+### Inspect the packet dump of the encrypted message
+
 Inspecting the packets of this message, we see:
 
 ```text
@@ -76,3 +80,42 @@ Sym. Encrypted and Integrity Protected Data Packet, new CTB, 2 header bytes + 11
     00000060  4d da 31 5b 69 13 8e 71  b0 12 2b a0 15 ce a0 96   M.1[i..q..+.....
     00000070  9d ea a4 20                                        ...
 ```
+
+### Decrypt
+
+```text
+$ sq decrypt --dump-session-key --recipient-file alice.sec enc.pgp
+Session key: 8DDA27B9B000BD84D0A39DFF66780111
+Encrypted using AES-128
+Compressed using ZIP
+hello world
+```
+
+Inspecting the packets inside the SEIPD container:
+
+```text
+$ sq decrypt --dump --recipient-file alice.sec enc.pgp
+Public-Key Encrypted Session Key Packet, new CTB, 93 bytes
+    Version: 6
+    Recipient: C0A58384A438E5A14F73712426A4D45DBAEEF4A39E6B30B09D5513F978ACCA94
+    Pk algo: X25519
+
+Encrypted using AES-128
+Compressed using ZIP
+hello world
+Sym. Encrypted and Integrity Protected Data Packet, new CTB, 114 bytes
+│   Version: 2
+│   Symmetric algo: AES-128
+│   AEAD algo: EAX
+│   Chunk size: 4096
+│   Salt: 9673F229E1386AD0464367096945493F4D42FE4D6129B06750B3C89F0F214093
+│
+└── Compressed Data Packet, new CTB, 44 bytes
+    │   Algorithm: ZIP
+    │
+    ├── Literal Data Packet, new CTB, 18 bytes
+    │       Format: Binary data
+    │
+    └── Padding Packet, new CTB, 14 bytes
+            Unknown variant
+```