Serialize a message and parse its ECDSA signature

roshii roshii at riseup.net
Sat Feb 23 15:49:03 CET 2019


Hi,

I am playing around with GPG which I'd like to use to sign message and
use the resulting signature binary in another piece of code.

So far I have created a simple PGP packet parser in JuliaLang with which
I think I can successfully extract the elliptic curve point representing
the public key as follows. See GitLab
<https://gitlab.com/braneproject/PGParser.jl> for source code.

```
$ gpg --output pubkey.bin --export 8FAB2B40D753C0F6
```

```

julia> packets = bin2packet("pubkey.bin")
3-element Array{PGPPacket,1}:
 Public-Key Packet
 Length : 79, Partial : false
PublicKey(0x04, 1550079457, scep256k1 Point(𝑥,𝑦):
f05314566c9bfc8d8cf463a7a01e7735245d588a60dd874f09a9636620abb314,
6bda245d43cbbe019ab1ad74316d675dd858cdd776820969bcc21bbccbd3a661)
```

I am then generating a message within Julia, an integer, which needs to
be signed and which I just save to file made of 32 bytes representing
the 256 bits number in big-endian.

But I wonder if this should be serialized in some way? Should their be a
package header indicating to GPG what it is signing for, what length is
has or anything else? Should I maybe follow X.690 for integer encoding?


Next, comes signature parsing which I haven't been able to interpret so
far, finding no hints in RFC4880 or 5480. Nevertheless, I assume the
last 68 bytes must be signature representation with two integer,
preceded by some bytes which looks to be 00ff in the below message.

How should EC signature be parsed exactly? Where would this be documented?
Last but not least, is the signature hashed? And if yes, is there a way
to get it unhashed?


```

julia> z =
99621552382283238930643867389539606415724582999531180113553721867524305282175;
julia> f = open("z.bin","w");
julia> write(f,int2bytes(z))
32

```

```

$ gpg -b -u D753C0F6 z.bin

```

```
julia> packet = bin2packet("z.bin.sig")
1-element Array{PGPPacket,1}:
 Signature Packet
 Length : 117, Partial : false
 Version : 4
 Type : SHA256
SignatureSubPacket[
    Issuer Fingerprint
    041f6132045b4b6c393c48846e8fab2b40d753c0f6,
    Signature Creation Time
    5c70346a]
SignatureSubPacket[
    Issuer
    8fab2b40d753c0f6]
 Hash left : 3462
 scep256k1 signature(𝑟, 𝑠):
"00ff6ae576da68ddbd1a2aff20d450186fdd1a13bbbddc1b9837a19080364f3cd83700ff4727b504b86d667b048147c939b4eafae21203e1235ae6e68aa71477292ea173"

```

All my attempt to verify signature of message provided pub key have so
far failed and so there is clearly something I do not get. I am looking
forward at receiving any tips :)


Thanks upfront

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190223/0e10948a/attachment.html>


More information about the Gnupg-users mailing list