Yes, this all looks fine now. The one thing I'd add is that there is no
need to parse out the key and subkey packets as you have done. After the
0x99 and two-octet length, you just hash the key or subkey packet body.
The specific contents of the key/subkey packet are irrelevant to the
signature algotihm, it's just data to feed the hash.
So you're saying that (1) is OK, however in the case of 2), it would be
best to structure it this way:
No, I didn't mean that. All I meant was that you don't have to worry
about the contents of the public key packets, the version and time and
MPIs. Just hash the key packet data as a block. It makes it much
easier to see what is going on:
header data
0x99 |
2 octet length |
key packet body data |
user id data
0xb4 |
4 octet length |
username data |
signature trailer
version field to end of hashable data |
V4 signature trailer
0x04 |
0xFF |
4 octet length |