ietf-openpgp

Certification/self-signatures

2010-08-14 09:50:17


Hello all!

I'm seeking some clarification WRT computing v4 signatures over key data for
0x13 signatures (specifically, the self-signature).

The spec says "0x99, followed by a two-octet length of the key, and then
body of the key packet".  I assume it's always on what would be the body of
the public part of the packet?  Is this the same as the data used in
generating the fingerprint, just without version/timestamp/algorithm octets?
Should the length field include the length of the 0x99 + length in it?
Should it include the length of the whole public part (including
version/timestamp/algorithm)?

Then it says "A certification signature (type 0x10 through 0x13) hashes the
User ID being bound to the key into the hash context after the above data
... A V4 certification hashes the constant 0xB4 for User ID certifications
or the constant 0xD1 for User Attribute certifications, followed by a four-octet
number giving the length of the User ID or User Attribute data, and then the
User ID or User Attribute data."

So, 0xB4 + 4-octet-length + user-id-packet-body ?

The pseudocode I'm working with now (which isn't working) is:

----
material = key_fields.map { |key_field|
        bitlength(key[key_field]) + key[key_field]
}.join

0x99 + material.length + material + 0xB4 + user_id.body.length + user_id.body
----

-- 
Stephen Paul Weber, @singpolyma
See <http://singpolyma.net> for how I prefer to be contacted
edition right joseph
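An added example, not part of the original post: the octets hashed for a v4 certification as laid out in RFC 4880 section 5.2.4, including the signature-packet fields and trailer that follow the key and User ID data. All function names are hypothetical, and the key, User ID and subpacket values are constructed samples.

```ruby
require 'digest'

# MPI: two-octet big-endian bit count, then the big-endian magnitude.
def mpi(n)
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  [n.bit_length].pack('n') + [hex].pack('H*')
end

# Body of a v4 public-key packet: version, creation time, algorithm, MPIs.
def public_key_body(created, algo, mpis)
  [4, created, algo].pack('CNC') + mpis.map { |n| mpi(n) }.join
end

# 0x99, two-octet length of the body alone, then the whole body.
# These are the same octets a v4 fingerprint is computed over.
def key_hash_data(body)
  [0x99, body.bytesize].pack('Cn') + body
end

def v4_fingerprint(body)
  Digest::SHA1.hexdigest(key_hash_data(body))
end

# 0xB4, four-octet length, then the User ID packet body.
def user_id_hash_data(uid)
  [0xB4, uid.bytesize].pack('CN') + uid.b
end

# Hashed part of the v4 signature packet, then the trailer:
# 0x04, 0xFF, four-octet length of that hashed part.
def signature_hash_data(sig_type, pk_algo, hash_algo, subpackets)
  hashed = [4, sig_type, pk_algo, hash_algo, subpackets.bytesize].pack('CCCCn') + subpackets.b
  hashed + [4, 0xFF, hashed.bytesize].pack('CCN')
end

def certification_hash_input(key_body, uid, sig_fields)
  key_hash_data(key_body) + user_id_hash_data(uid) + signature_hash_data(*sig_fields)
end

# Constructed sample values (toy RSA numbers, not a real key).
SAMPLE_KEY_BODY = public_key_body(1_281_779_417, 1, [0xC5A3, 65_537])
SAMPLE_UID = 'Alice <alice@example.org>'
SAMPLE_SUBPACKETS = [5, 2, 1_281_779_417].pack('CCN') # signature creation time
# Type 0x13, RSA (1), SHA256 (8).
SAMPLE_INPUT = certification_hash_input(SAMPLE_KEY_BODY, SAMPLE_UID, [0x13, 1, 8, SAMPLE_SUBPACKETS])
SAMPLE_DIGEST = Digest::SHA256.hexdigest(SAMPLE_INPUT)
```

The digest of `SAMPLE_INPUT` is what the signing key then signs; its leftmost 16 bits are the quick-check value stored in the signature packet.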
