[Top] [All Lists]

Re: Question about verifying signatures

2010-03-30 17:30:32

On Tue, 30 Mar 2010, Stephen Paul Weber wrote:
The question I have is: what is "message"?  According to section 5.2.4 it's
some combination of the literal data packet(s?) (their bodies or the whole
packet?) and the "hashed" subpackets.  Do I just concat all the data packets
and the hashed packets together in the order they appear?

Section [5.2.4] says:
For binary document signatures (type 0x00), the document data is
hashed directly.  For text document signatures (type 0x01), the
document is canonicalized by converting line endings to <CR><LF>,
and the resulting data is hashed.

I agree that paragraph isn't completely unambiguous. IIRC, the data passed to the SHA1/MD5/whatever algorithm is the bare document contents (possibly with EOL canonicalization as described above), concatenated with some "trailer" bytes which depend on the version number of the signature, but are a copy of part of the signature subpacket itself plus perhaps a length field and so on (see the last three paragraphs of [5.2.4]).

(The encrypted-data packet, by contrast, does contain a sequence of OpenPGP packets.)

<Prev in Thread] Current Thread [Next in Thread>