understanding GnuPG "--clearsign" option

Leo Gaspard ekleog at gmail.com
Mon Aug 12 15:21:50 CEST 2013

On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote:
> Hi,
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID. However, two questions:
> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.
> 2) What exactly is this "PGP signature"? Is it a SHA1 hash of the
> message which is encrypted with my private key and then ASCII armored?

According to http://openpgp.org/technical/ the OpenPGP standard is RFC 4880.

So, as your question is quite technical, you should be able to find your answer
here : http://www.ietf.org/rfc/rfc4880.txt

Sorry for not being able to help you more!


More information about the Gnupg-users mailing list