Adjust styling of "one-pass" in the nesting section

Heiko Schaefer 2023-12-23 04:01:07 +01:00
parent ecf0bc1c7b
commit 2444e6cc93
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB


@ -116,16 +116,16 @@ However, when a signer creates a {term}`prefixed signed message`, the signed dat
## Nesting of one-pass signatures ## Nesting of one-pass signatures
Signing a message using the one-pass mechanism involves prepending a *One-Pass-Signature* (OPS) packet to the message and appending the corresponding signature, sandwiching the signed content. Signing a message using the one-pass mechanism involves prepending a *one-pass signature* (OPS) packet to the message and appending the corresponding signature, sandwiching the signed content.
An OpenPGP message can contain multiple signatures added that way. An OpenPGP message can contain multiple signatures added that way.
```{note} ```{note}
One-Pass-Signatures are nested, meaning the outermost One-Pass-Signature packet corresponds to the outermost signature packet. One-pass signatures are nested, meaning the outermost one-pass signature packet corresponds to the outermost signature packet.
``` ```
When a message is signed, the signature is always calculated over the contents of the literal data packet, not the literal data packet itself. When a message is signed, the signature is always calculated over the contents of the literal data packet, not the literal data packet itself.
This means that if a message, which is compressed using a compressed data packet is wrapped using a one-pass-signature, the signature is still being calculated over the plaintext inside the literal data packet. This means that if a message, which is compressed using a compressed data packet is wrapped using a one-pass signature, the signature is still being calculated over the plaintext inside the literal data packet.
There is one exception, though. There is one exception, though.
```{note} ```{note}
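Review bot: In the changed sentence "This means that if a message, which is compressed using a compressed data packet is wrapped using a one-pass signature", the relative clause opens with a comma that is never closed, which makes the condition hard to parse. Since the line is being touched anyway, consider "if a message that is compressed using a compressed data packet is wrapped using a one-pass signature". Separately, the first changed line now emphasises *one-pass signature* with "packet" outside the emphasis, directly followed by "(OPS)"; it would help to make clear whether OPS abbreviates the packet or the signature, since the note below speaks of the "one-pass signature packet".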
@ -137,20 +137,20 @@ If this flag is set to `0`, it indicates that further OPSs will follow this pack
[^nested-flag]: See [description of the nested flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.4-3.8.1). [^nested-flag]: See [description of the nested flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.4-3.8.1).
This mechanism enables attested signatures, where the signer signs an already one-pass-signed message including the already contained signature. This mechanism enables attested signatures, where the signer signs an already one-pass signed message including the already contained signature.
As a practical example, consider the following notation: As a practical example, consider the following notation:
* `LIT("Hello World")` represents a literal data packet with the content `Hello World`. * `LIT("Hello World")` represents a literal data packet with the content `Hello World`.
* `COMP(XYZ)` represents a compressed data packet over some other packet `XYZ`. * `COMP(XYZ)` represents a compressed data packet over some other packet `XYZ`.
* `OPS₁` represents a one-pass-signature packet with the nested flag set to `1`. Analogous, `OPS₀` has the nested flag set to `0`. * `OPS₁` represents a one-pass signature packet with the nested flag set to `1`. Analogous, `OPS₀` has the nested flag set to `0`.
* `SIG` represents a signature packet. * `SIG` represents a signature packet.
A normal, one-pass-signed message looks like this: A normal, one-pass signed message looks like this:
`OPS₁ LIT("Hello World") SIG` `OPS₁ LIT("Hello World") SIG`
Here, the signature is calculated over the plaintext `Hello World`, as is it in a message that has the following form: `OPS₁ COMP(LIT("Hello World")) SIG`. Here, the signature is calculated over the plaintext `Hello World`, as is it in a message that has the following form: `OPS₁ COMP(LIT("Hello World")) SIG`.
A message, where multiple one-pass-signatures are calculated over the same plaintext looks the following: A message, where multiple one-pass signatures are calculated over the same plaintext looks the following:
`OPS₀ OPS₀ OPS₁ LIT("Hello World") SIG SIG SIG` `OPS₀ OPS₀ OPS₁ LIT("Hello World") SIG SIG SIG`
All three signatures are calculated over the same plaintext `Hello World`. All three signatures are calculated over the same plaintext `Hello World`.