understanding GnuPG "--clearsign" option

[Henry Hertz Hobbit]

On 08/12/2013 08:40 AM, Martin T wrote:
> Hi,
> 
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID. However, two questions:

GnuPG does much more than just the Radix-64 encoding with the
--clearsign:

$ gpg --default-key MINE --output list.asc \
 --clearsign list.txt

By that I mean gpg/gpg2 doesn't just do a base64 conversion but also
does other magic stuff.  You can stop reading now.

> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.

The UID and other things are stored in the string which is usually
more than one line long between the BEGIN PGP SIGNATURE and
END PGP SIGNATURE.  But I am puzzled how you did this part.  If
I copy the now clear signed list.txt to a justsig.txt file and
edit out all but the hash I get a warning.  Actually I get a
warning no matter what content is in the justsig.txt file from
the base file:

$ base64 -d < justsig.asc > list.bin
base64: invalid input

The list.bin file has zero length unless you use nothing but the
hash which is the normal way base64 works for email attachments.
In any event, list.bin created with just the hash has no known
file type that magic understands. e.g.:

$ file list.bin
list.bin: data
$ ls -l list.bin
287 list.bin

Like I said, if you use anything BUT just the hash, list.bin
will contain nothing (zero bytes).  But I will ALWAYS get the
"invalid input" meaning it is something base64 does NOT understand.
Is this what you did to get a non-zero length file via base64 -d
from a --clearsign file?

> 2) What exactly is this "PGP signature"? Is it a SHA1 hash of the
> message which is encrypted with my private key and then ASCII armored?

It uses the hash in the preferred order of what is associated
with the key used and what the the version of OpenPGP you are
using is capable of handling.  That for me is SHA-256 since that
is my first choice and my version of gpg can handle it.  SHA1
is usually the default unless you set your preferences to
something else since it is still difficult to do a brute
attack on SHA1 (but it can be done):

http://securemecca.com/public/GnuPG/GnuPG_Prefs.txt

The hash is created based on the text as input using the private
side of the key and then ASCII armored in such a way that when
you verify it finds the appropriate public key based on the
hash and does the other hash calculation of the text and
see if it matches.  In any event, the markers of --clearsign
make it clear that only an OpenPGP compliant program can handle
it.  The MIME markines are used by email to determine what
handles it since a --clearsign is what you need to make the
signature something you can send in email but it can be
used for other purposes.  It is just that you can NOT send
a non-ASCII signature directly in email without it being
converted to ASCII first.  There are other uses of
-clearsign like when you what the signature and the
file contents together.

------------------------------------------------------------

base64, the older uuencode and uudecode and similar
programs do nothing more than convert a binary file like
a zip file into ASCII text so the zip file can be sent as an
email attachment.  Send a message to yourself in email with
a test.zip attachment. Save the entire message to a file
(for Thunderbird you will have an *.eml file).  Assuming the
file was named test.eml and the attachment was test.zip:

$ cp test.eml test.base64

Edit the test.base64 file so it has only the hashed material
and note the zip name (assuming test.zip was what you
attached and sent).  Also note that it uses base64
as the type in the "Content-Transfer-Encoding:" if that is
what your email used (it usually is).

$ base64 -i -d < test.base64 > test,zip
$ file test.zip
test.zip: Zip archive data, at least v1.0 to extract
$ unzip test.zip
$ cat test.txt

Hello World

GnuPG does much more than just the Radix-64 binary to
ASCII conversion and only gpg or gpg2 can handle it.
Use base64 only if it is specified in the MIME
markings (the latest malware from PeskySpammer here):

Content-Type: application/zip;
 name="Tax Notices Report.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 name="Tax Notices Report.zip"

Usually you won't need to use base64 and Thunderbird
Evolution, or other mail programs will allow the saving
of the file unless Microsoft Exchange munges it in a bounce
to you.  In that case, if base64 is specified as the Transfer
Encoding type you can save the enter message to file.  Then
edit the file and strip off all the other stuff and get
the file out of the hashed stuff even if your mail
program can not do it.

But base64 is unusable for a -clearsign or even a
-a --detach-sign where you can more easily see it:

Nest Paw?