Signature Packet Format

Brian M. Carlson karlsson@hal-pc.org
Fri Jul 20 19:48:02 2001 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Justin Wienckowski wrote:

> 

> Hey folks,

> 

> I'm writing a little application to generate an OpenPGP message with

a user's RSA public/private key for import into gpg.  I noticed that
GPG won't import the key without a valid self-signature.

> 

> However, the RFC sections regarding the signature packet format are

a little unclear to me.

> 

> My understanding of Version 4 signatures of RSA keys is as follows -

any clarifications/corrections are appreciated.

> 

> 1)  Hash the key packet you are protecting.

> 2)  Hash the User ID packet

> 3)  Hash the Signature packet through the hashed subpacket data, but

no further

> 4)  Hash the 6-byte trailer

> 5)  Insert the 160-bit hash value into an ASN.1 DigestInfo structure

> 

> ....now what?

> 

> The spec indicates that the "signature" portion of the packet for

the RSA algorithm is an MPI of m**d (which I assume is the modulus
raised to the private exponent).  But there's no indication of where
the m**d value and the ASN.1 DigestInfo structure meet in order to
form a secure signature.

> 

> I *know* I"m missing something because this just doesn't make sense

as a cryptographically secure signature.  Anyone able to clarify for
me?


I think, somebody correct me if I'm wrong, that the ASN.1 structure is
m and well, I'm sure you know what d and n are. I suggest you use
RFC2440-bis02 to implement this, as this is likely to become the new
standard and it contains the new MDC packets.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32) - GnuPGshell v1.80
Comment: Ubi libertas, ibi patria.

iQEVAwUBO1htrOWR/8lWBVPnAQPb3ggArCksMIzEcP/3WaiuVebZYOELMtKQfFb3
3gqu9XyU0S58tkCQAyzEf5bEhLBTBR12UosRxAKYmH8yA3Q6TpC3BiLH1xvf/jki
UuMKB7YzXRchZky1XNd7KXu6Or+7ihqCm9wQvfLsDC7QukgcffJQXzGPmvnTUAHB
1Z2YUq3v0CZ1jbycxRbMKYBfI99+t4joOpr9JCn85zNoaxPaXOB93GdXKe/x0BCR
kVKO23mnUE54AxUjhmi2Bwgjv5uu1zTCF8afntNwZpWiCyW2PISQvt0ca9lRzwx8
nRZz2sFyak6Hxr0JzjY9fvslc2slFkm1x8+iJeMgsbNQtuVNO2bjgw==
=F/QY
-----END PGP SIGNATURE-----