ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Calculation of signature in OpenPGP

2005-10-25 00:58:49
from [Peter Byldner] [Permanent Link] 
I have question regarding the PGP digital signature (RFC3156).

On page 5 you have the well known sample:

 MIME Security with OpenPGP            August 2001


         Content-Type: multipart/signed; boundary=bar; micalg=pgp-md5;
           protocol="application/pgp-signature"

         --bar
      & Content-Type: text/plain; charset=iso-8859-1
      & Content-Transfer-Encoding: quoted-printable
      &
      & =A1Hola!
      &
      & Did you know that talking to yourself is a sign of senility?
      &
      & It's generally a good idea to encode lines that begin with
      & From=20because some mail transport agents will insert a greater-
      & than (>) sign, thus invalidating the signature.
      &
      & Also, in some cases it might be desirable to encode any   =20
      & trailing whitespace that occurs on lines in order to ensure  =20
      & that the message signature is not invalidated when passing =20
      & a gateway that modifies such whitespace (like BITNET). =20
      &
      & me

      --bar

      Content-Type: application/pgp-signature

      -----BEGIN PGP MESSAGE-----
      Version: 2.6.2

      iQCVAwUBMJrRF2N9oWBghPDJAQE9UQQAtl7LuRVndBjrk4EqYBIb3h5QXIX/LC//
      jJV5bNvkZIGPIcEmI5iFd9boEgvpirHtIREEqLQRkYNoBActFBZmh9GC3C041WGq
      uMbrbxc+nIs1TIKlA08rVi9ig/2Yh7LFrK5Ein57U/W72vgSxLhe/zhdfolT9Brn
      HOxEa44b+EI=
      =ndaj
      -----END PGP MESSAGE-----

      --bar--

   The "&"s in the previous example indicate the portion of the data
   over which the signature was calculated. 


**************************

For me it is not clear, which CRLF should be included in the signature.

Because I have the problem to code in a non ascii and line oriented 
environment (IBM z/OS) I have chosen to
first translate the text to ascii (in case of binary data  I can skip this 
step) and then to base64. In this matter I  can be
sure that trailing white spaces and control characters within the text are 
not disturbing in the recipient's verify phase.

I assume that I have to sign over the following parts:

Headers (in ascii) and CRLF (one or 2 after the last header ?)

Content-Type: application/octet-stream (CRLF)
Content-Transfer-Encoding: base64    (CRLF ) 2x   ?

base64 stream (without CRLF between nor ending with one ) ?


It's a try to use PGM MIME in the environment I'm working......the 
encryption part is easier

 

Kind regards

Peter
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Calculation of signature in OpenPGP, Peter Byldner <=
Previous by Date:  Re: WGLC for draft-ietf-openpgp-openpgp-15 ends Oct 28 1700EDT // empty line, Jon Callas
Next by Date:  Re: draft-josefsson-openpgp-mailnews-header and draft-ietf-dnsext-rfc2538bis-09.txt, Simon Josefsson
Previous by Thread:  Re: WGLC for draft-ietf-openpgp-openpgp-15 ends Oct 28 1700EDT // empty line, vedaal
Next by Thread:  Re: draft-josefsson-openpgp-mailnews-header and draft-ietf-dnsext-rfc2538bis-09.txt, Simon Josefsson
Indexes:  [Date] [Thread] [Top] [All Lists]