HowTo Verify : PGP Mime Signature over Text AND Attachment (RFC2015)
Jeffrey Stedfast
fejj at ximian.com
Mon Feb 9 12:58:55 CET 2004
You need to pass the entire multipart to gpg... so, if you have:
Content-Type: multipart/signed; micalg="pgp-sha1";
    protocol="application/pgp-signature"; boundary="signedXYZ"

--signedXYZ
Content-Type: multipart/mixed; boundary="mixedXYZ"

--mixedXYZ
Content-Type: text/plain

hello world
--mixedXYZ
Content-Type: image/jpeg

<base64>
--mixedXYZ--
--signedXYZ
Content-Type: application/pgp-signature

<sig content>
--signedXYZ--
if you had the above multipart/signed, you'd send the red part to gpg as
the signed content (sorry about the html mail, but this was the easiest
way to illustrate)
Jeff
On Mon, 2004-02-09 at 09:18 -0800, Harakiri wrote:
> Thanks for the fast reply, well, that's like I thought
> but I must be missing something - what is actually
> signed within this multipart?
>
> I thought it was:
>
> Part 1 Content-Types
> Part 1 Data
> Part 2 Content-Types
> Part 2 Data
>
> or do I miss something here? I don't think the
> boundaries are signed too, or are they?
>
> Because I tried to verify such a message, as I said,
> with gpg: I pasted Part 1 and Part 2 together
> and tried gpg --verify sig.txt data.txt, but I always
> had a bad signature.
>
> Regards
>
>
> --- Jeffrey Stedfast <fejj at ximian.com> wrote:
> > A multipart is considered 1 part. So when you sign a part with text +
> > attachments (aka a multipart), you treat the encapsulating multipart as
> > the single part to sign.
> >
> > so, if you have the structure:
> >
> > multipart/mixed
> >   text/plain
> >   image/jpeg
> >
> > and then go and sign it using rfc3156 (which obsoletes rfc2015), you end
> > up with:
> >
> > multipart/signed
> >   multipart/mixed
> >     text/plain
> >     image/jpeg
> >   application/pgp-signature
> >
> > Hope that clears things up for you.
> >
> > Jeff
--
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
fejj at ximian.com - www.ximian.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/attachments/20040209/af256f07/attachment.htm
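
Added example, not part of the original thread: the HTML part that marked the signed region in red was scrubbed from the archive, so this Python function extracts that region from a raw message. Per RFC 3156 the signed bytes are the whole first body part, with its MIME headers and the inner boundary lines, in CRLF form and without the line break that precedes the next outer boundary; the function name and the sample message are constructed for illustration.

```python
import re

# Constructed sample mirroring the message in the post, with LF line endings
# as many mail tools save them; the body values are placeholders.
SAMPLE = b"""Content-Type: multipart/signed; micalg="pgp-sha1";
 protocol="application/pgp-signature"; boundary="signedXYZ"

--signedXYZ
Content-Type: multipart/mixed; boundary="mixedXYZ"

--mixedXYZ
Content-Type: text/plain

hello world
--mixedXYZ
Content-Type: image/jpeg

AAAA
--mixedXYZ--
--signedXYZ
Content-Type: application/pgp-signature

<sig content>
--signedXYZ--
"""

def split_signed(raw: bytes):
    """Return (signed_bytes, signature_bytes) from a raw multipart/signed message."""
    # Normalise to CRLF first: RFC 3156 signs the canonical CRLF form.
    raw = re.sub(rb"\r?\n", b"\r\n", raw)
    headers = raw.split(b"\r\n\r\n", 1)[0]
    m = re.search(rb'boundary="?([^";\r\n]+)"?', headers, re.I)
    if not m:
        raise ValueError("no boundary parameter in top-level headers")
    delim = b"\r\n--" + m.group(1)
    # Only the outer boundary is a delimiter here; the inner multipart/mixed
    # boundary lines stay inside the signed bytes.
    chunks = raw.split(delim)
    if len(chunks) < 4 or not chunks[3].startswith(b"--"):
        raise ValueError("expected two parts and a closing delimiter")
    # Each chunk begins with the rest of its delimiter line; drop it. The CRLF
    # before the next delimiter belongs to the delimiter, so it is already gone.
    signed = chunks[1].split(b"\r\n", 1)[1]
    sig_part = chunks[2].split(b"\r\n", 1)[1]
    signature = sig_part.split(b"\r\n\r\n", 1)[1]  # strip the part's MIME headers
    return signed, signature
```

Write the two returned byte strings to data.txt and sig.txt in binary mode, then run gpg --verify sig.txt data.txt, the invocation from the quoted question.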