sig binary format
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Apr 5 19:29:40 CEST 2011
On 04/05/2011 12:03 PM, Jean-Jacques Brucker wrote:
>
> Hi, I have a question concerning the first octet of *.sig file (created with --detach-sign option).
>
> I have see almost data match section 5.2.3. of the RFC4880, but i am asking me why is the first octet of a *.sig file (packet tag) 0x88 ?
> According to section 4.3 of RFC4880 0x88 means "Compressed Data Packet", I was instead expecting 0x82 for "Signature Packet" !?
The first octet (byte) of a packet contains the "packet tag", and
determines how large the rest of the packet header is:
https://tools.ietf.org/html/rfc4880#section-4.2
0x88 is (in binary): 10001000b
aligned with bit location index:
76543210 <- bit index
10001000 <- bit value
so bit 7 is 1: that's good.
bit 6 is 0: this is an old-format packet.
since it's old-format:
bits 5 through 2 are the packet tag: 0010b -- or 2 in decimal. (see
https://tools.ietf.org/html/rfc4880#section-4.3)
and bits 1 and 0 indicate how the old-format packet stores its length.
in your case, that's 00b -- or 0 in decimal, indicating that there is a
simple one-octet packet length that immediately follows this first octet
that contains the length of the rest of the packet.
make sense? How did you compute 0x82?
If you're doing this sort of packet dissection, you might be interested
in "gpg --list-packets" or in the tool "pgpdump", which provides a
similar implementation.
hth,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110405/9fce2416/attachment.pgp>
More information about the Gnupg-devel
mailing list