How to verify a detached signature in an embedded device
Werner Koch
wk@gnupg.org
Thu, 03 Jul 2003 10:44:39 +0200
On Thu, 3 Jul 2003 09:46:23 +0200 , Voser Peter said:
> // First, I create the detached signature bin2array.sig
> $ gpg -sb bin2array
I can't remember any details but there should be a tool to calculate
and embed a signature in the ELF file.
> // The I want to verify it with elfsigchk
> $ ./elfsigchk bin2array bin2array.sig
> signature is NOT valid: no signature found
IIRC, elfsigchk is a test driver which parses and ELF file, extracts
the signature, calculates the hash and verifies the signature then.
Did you follow the rules in the README:
1. Make sure that the special RFC2440 .note section exsists.
(see below)
2. Run:
./elfsigtool <elffile> | gpg --force-v3-sig -u <signer> -sb >tmp
./elfsigtool <elffile> tmp > <signedelffile>
3. Check:
./elfsigchk <signedelffile> <publickey>
?
--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org