Please include this patch for gnupg 1.4.6 as has been done with past versions. http://loop-aes.sourceforge.net/updates/gnupg-1.4.6.diff.bz2 "When gpg encrypts data with symmetric cipher only or when gpg encrypts secret keyring keys with secret passphrase, gpg uses seeded (salted) and iterated key setup. However, default amount of iteration is tuned for slow processors and can be increased for better resistance against dictionary attacks. Larger key iteration makes key setup much slower, but also makes dictionary attacks much slower too. Included optional gpg patch makes gpg password iteration 128 times slower. gpg stores new iteration value along with seed bytes into symmetric cipher encrypted output file or secret keyring, so unpatched gpg versions will read and decrypt the data just fine." Reproducible: Always Steps to Reproduce:
Why don't you use gnupg-2 with: --s2k-mode --s2k-count Options which are doing exactly this...?
Well... Since upstream has this feature in mainstream version, I don't see why we need to maintain an external patch...
