Difference between clearsign and detached signatures?

Ingo Klöcker kloecker at kde.org
Fri Aug 29 20:03:43 CEST 2014


On Thursday 28 August 2014 22:53:52 TJ wrote:
> I've recently been digging deep into the source-code trying to
> understand what the differences are between --clearsign and
> --detach-sign signatures.

The RFC is probably much easier to read than the source code:
http://tools.ietf.org/html/rfc4880


> This came about whilst writing code that calls on "gpg --verify" on
> detached signatures; specifically Debian APT archives that contain
> "Release" (plaintext) and "Release.gpg" (detached signature).
> 
> The aim/hope was to combine the plaintext and detached signature into
> the armored clearsign format and thus avoid needing to write one of
> them to the file-system (the other can be supplied via stdin).
> 
> I had thought that the message digest hash (in this case SHA512)
> should be the same since the input data is the same whichever
> signing method is used. This didn't work as I had expected so I have
> been digging into the source-code to figure out what is different
> between the two signing methods.

In general the message digest hashes will differ. The reason for this is
a different canonicalization of the signed text (provided the detached
signature is a text document signature; if it's a binary document
signature no canonicalization is applied). A main difference is the
stripping of trailing whitespace in the text (which is done for
cleartext signatures but not for text document signatures).

For details see
http://tools.ietf.org/html/rfc4880#section-5.2.4
and
http://tools.ietf.org/html/rfc4880#section-7


Regards,
Ingo
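A worked illustration of the canonicalization difference described above, added here as an example; it is not part of the original thread and not GnuPG's code. It applies the RFC 4880 rules for the three signing modes the reply names (binary document signature, text document signature, cleartext signature) to a constructed sample document and compares the resulting digests. The digests cover only the canonicalized document; a real OpenPGP signature hash continues with the signature packet's hashed fields and trailer (RFC 4880 section 5.2.4), so the values are meant for comparing modes, not for matching what gpg emits.

```python
import hashlib

# Constructed sample document (not a real Debian Release file): LF line
# endings, and the second line ends with a trailing space and a tab.
SAMPLE = (
    b"Origin: Example\n"
    b"Suite: stable \t\n"
    b"Date: Fri, 29 Aug 2014 18:00:00 UTC\n"
)


def canonical_binary(data: bytes) -> bytes:
    """Binary document signature (type 0x00): hashed exactly as given."""
    return data


def canonical_text(data: bytes) -> bytes:
    """Text document signature (type 0x01), RFC 4880 5.2.1: line endings
    are converted to CRLF; trailing whitespace on each line is kept."""
    return data.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")


def canonical_cleartext(data: bytes) -> bytes:
    """Cleartext signature, RFC 4880 7.1: trailing spaces and tabs are
    removed from every line, line endings become CRLF, and the line ending
    that precedes the '-----BEGIN PGP SIGNATURE-----' line is not hashed."""
    lines = data.replace(b"\r\n", b"\n").split(b"\n")
    if lines and lines[-1] == b"":      # input ended with a newline: drop it
        lines.pop()
    return b"\r\n".join(line.rstrip(b" \t") for line in lines)


CANONICALIZERS = {
    "binary": canonical_binary,
    "text": canonical_text,
    "cleartext": canonical_cleartext,
}


def document_digests(data: bytes, algo: str = "sha512") -> dict:
    """Digest of the canonicalized document under each signing mode.
    A real OpenPGP signature hash continues past the document with the
    signature packet's hashed fields and a trailer (RFC 4880 5.2.4), so
    these values only serve to compare modes, not to reproduce gpg's."""
    return {mode: hashlib.new(algo, fn(data)).hexdigest()
            for mode, fn in CANONICALIZERS.items()}


def text_and_cleartext_agree(data: bytes) -> bool:
    """True only when text-mode and cleartext canonicalization coincide,
    i.e. no line carries trailing spaces/tabs and there is no final line
    ending; that is the narrow case in which the two digests could match."""
    return canonical_text(data) == canonical_cleartext(data)


if __name__ == "__main__":
    for mode, digest in document_digests(SAMPLE).items():
        print(f"{mode:10s} {digest[:16]}...")
    print("text == cleartext (sample):", text_and_cleartext_agree(SAMPLE))
    clean = b"Origin: Example\nSuite: stable"
    print("text == cleartext (clean input):", text_and_cleartext_agree(clean))
```

Running it shows three different digests for the sample, because the binary mode hashes the LF bytes as-is, the text mode converts them to CRLF but keeps the trailing space and tab, and the cleartext mode strips that whitespace and also omits the final line ending. Only an input with no trailing whitespace and no final newline makes the text and cleartext forms coincide, which is why rewrapping a detached signature's data into a clearsigned message generally fails to verify.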