Generate digest and signature seperately
jerome at jeromebaum.com
Tue Jun 14 14:36:02 CEST 2011
>> Does the (mathematical) signature differ between data sigs and certs
>> in any way besides the varying hash?
> Does that matter and why?
If only the hash varies, you need the data to be sure that the hash is
for a data sig (based on a previous discussion the hash is prefixed
with the "data vs. cert" code, so you can't partially generate the
hash and then add the code on your local machine).
email jerome at jeromebaum.com
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users