Signature Packet Format
Brian M. Carlson
karlsson@hal-pc.org
Fri Jul 20 19:48:02 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Justin Wienckowski wrote:
>
> Hey folks,
>
> I'm writing a little application to generate an OpenPGP message with
a user's RSA public/private key for import into gpg. I noticed that
GPG won't import the key without a valid self-signature.
>
> However, the RFC sections regarding the signature packet format are
a little unclear to me.
>
> My understanding of Version 4 signatures of RSA keys is as follows -
any clarifications/corrections are appreciated.
>
> 1) Hash the key packet you are protecting.
> 2) Hash the User ID packet
> 3) Hash the Signature packet through the hashed subpacket data, but
no further
> 4) Hash the 6-byte trailer
> 5) Insert the 160-bit hash value into an ASN.1 DigestInfo structure
>
> ....now what?
>
> The spec indicates that the "signature" portion of the packet for
the RSA algorithm is an MPI of m**d (which I assume is the modulus
raised to the private exponent). But there's no indication of where
the m**d value and the ASN.1 DigestInfo structure meet in order to
form a secure signature.
>
> I *know* I"m missing something because this just doesn't make sense
as a cryptographically secure signature. Anyone able to clarify for
me?
I think, somebody correct me if I'm wrong, that the ASN.1 structure is
m and well, I'm sure you know what d and n are. I suggest you use
RFC2440-bis02 to implement this, as this is likely to become the new
standard and it contains the new MDC packets.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32) - GnuPGshell v1.80
Comment: Ubi libertas, ibi patria.
iQEVAwUBO1htrOWR/8lWBVPnAQPb3ggArCksMIzEcP/3WaiuVebZYOELMtKQfFb3
3gqu9XyU0S58tkCQAyzEf5bEhLBTBR12UosRxAKYmH8yA3Q6TpC3BiLH1xvf/jki
UuMKB7YzXRchZky1XNd7KXu6Or+7ihqCm9wQvfLsDC7QukgcffJQXzGPmvnTUAHB
1Z2YUq3v0CZ1jbycxRbMKYBfI99+t4joOpr9JCn85zNoaxPaXOB93GdXKe/x0BCR
kVKO23mnUE54AxUjhmi2Bwgjv5uu1zTCF8afntNwZpWiCyW2PISQvt0ca9lRzwx8
nRZz2sFyak6Hxr0JzjY9fvslc2slFkm1x8+iJeMgsbNQtuVNO2bjgw==
=F/QY
-----END PGP SIGNATURE-----