A program reading an encrypted file may wish to verify that the password it was given is the correct one. One way is to verify that the PKCS #7 padding at the end of the file is well formed. However, any plaintext that ends in byte 01 is well formed PKCS #7, meaning that about 1 in 256 keys will falsely pass this test. This might be acceptable for interactive use, but the false positive rate is too high for a brute-force search of the password space.
A better test requires some knowledge of the file format being wrapped, to obtain a “magic number” for the beginning of the file.
`$FL2@(#)` or `$FL3@(#)`.

`* Encoding: encoding.`, where encoding is the encoding used for the rest of the file, e.g. `windows-1252`. Thus, `* Encoding` may be used as a magic number for system files.

`PK`).
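The two checks compared, as an added example that is not code from the original page or from any project it describes. It assumes a 16-byte cipher block (the page does not name the cipher) and models the plaintext produced by a wrong key as uniform random bytes; all function names are hypothetical.

```python
import random

BLOCK = 16  # assumption: 16-byte cipher block; the page does not name the cipher
# Plaintext prefixes quoted on the page.
MAGICS = (b"$FL2@(#)", b"$FL3@(#)", b"* Encoding")


def pkcs7_well_formed(plaintext: bytes, block: int = BLOCK) -> bool:
    """True if plaintext ends in valid PKCS #7 padding for this block size."""
    if not plaintext or len(plaintext) % block:
        return False
    n = plaintext[-1]
    return 1 <= n <= block and plaintext.endswith(bytes([n]) * n)


def password_looks_correct(plaintext: bytes) -> bool:
    """Combined check: known magic at the start and sound padding at the end."""
    return plaintext.startswith(MAGICS) and pkcs7_well_formed(plaintext)


def pad(data: bytes, block: int = BLOCK) -> bytes:
    """Apply PKCS #7 padding (used here only to build constructed samples)."""
    n = block - len(data) % block
    return data + bytes([n]) * n


def false_pass_rates(trials: int = 200_000, seed: int = 1):
    """Fraction of random (constructed) wrong-key plaintexts that pass the
    padding-only check and the combined check, in that order."""
    rng = random.Random(seed)
    pad_hits = both_hits = 0
    for _ in range(trials):
        candidate = rng.getrandbits(8 * 2 * BLOCK).to_bytes(2 * BLOCK, "big")
        pad_hits += pkcs7_well_formed(candidate)
        both_hits += password_looks_correct(candidate)
    return pad_hits / trials, both_hits / trials


if __name__ == "__main__":
    genuine = pad(b"$FL2@(#) constructed sample record")
    print("genuine plaintext accepted:", password_looks_correct(genuine))
    pad_rate, both_rate = false_pass_rates()
    print(f"padding-only false pass rate: {pad_rate:.5f} (1/256 = {1/256:.5f})")
    print(f"magic + padding false pass rate: {both_rate:.5f}")
```

The padding-only rate comes out slightly above 1/256 because endings such as 02 02 are also well formed, while an 8-byte magic number leaves essentially no room for a wrong key to pass.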