Clearsigned text / OpenPGP interop
rwillmer at gmail.com
Mon Dec 10 13:50:11 CET 2007
I wonder if someone could point me in the right direction.
I'm using GPG to generate a clearsigned text message (V4 sig, SHA1
hash) which I'd like to validate using OpenPGP::SDK. The test is
currently failing, and I'm a bit confused about what GPG is actually
In the GPG function hash_sigversion_to_magic(), it's hashing the
signature sub-packet as I'd expect, but then at the end of the
function, there's this:
/* add some magic */
buf = sig->version;
buf = 0xff;
buf = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
buf = n >> 16;
buf = n >> 8;
buf = n;
md_write (md, buf, 6);
I can't figure how this matches up to the OpenPGP spec.
So if anyone can help with the following questions, I'd appreciate it:
a) Am I just missing something obvious in the RFC? If so, please point me at it!
b) Or, do I need to do something special to make gpg generate
OpenPGP-compliant packets? (I'm using --openpgp but is there something
c) or is gpg just not intended to be openpgp-compliant for V4 sigs?
thanks for any light you can shed,
More information about the Gnupg-devel