How to verify a detached signature in an embedded device

Werner Koch
Thu, 03 Jul 2003 10:44:39 +0200

On Thu, 3 Jul 2003 09:46:23 +0200 , Voser Peter said:

> // First, I create the detached signature bin2array.sig
> $ gpg -sb bin2array

I can't remember any details but there should be a tool to calculate
and embed a signature in the ELF file.  

> // The I want to verify it with elfsigchk
> $ ./elfsigchk bin2array bin2array.sig
> signature is NOT valid: no signature found

IIRC, elfsigchk is a test driver which parses and ELF file, extracts
the signature, calculates the hash and verifies the signature then. 

Did you follow the rules in the README:

   1. Make sure that the special RFC2440 .note section exsists.
       (see below)
   2. Run:
       ./elfsigtool <elffile> | gpg --force-v3-sig -u <signer> -sb >tmp
       ./elfsigtool <elffile> tmp > <signedelffile>
   3. Check:
       ./elfsigchk <signedelffile> <publickey>


Werner Koch                                      <>
The GnuPG Experts                      
Free Software Foundation Europe