mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 11:32:07 +01:00
correct for hash digest, move reference
This commit is contained in:
parent
00270a07e5
commit
43faca00e3
1 changed files with 5 additions and 5 deletions
|
@ -6,7 +6,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0
|
||||||
(zoom_certificates)=
|
(zoom_certificates)=
|
||||||
# Zooming in: Packet structure of certificates
|
# Zooming in: Packet structure of certificates
|
||||||
|
|
||||||
Now that we've established the concepts and components that make up OpenPGP certificates , let's look at the internal details of an example certificate.
|
Now that we've established the concepts and components that make up OpenPGP certificates, let's look at the internal details of an example certificate.
|
||||||
|
|
||||||
## A very minimal OpenPGP certificate
|
## A very minimal OpenPGP certificate
|
||||||
|
|
||||||
|
@ -341,19 +341,19 @@ This concludes the unhashed subpacket data.
|
||||||
|
|
||||||
This next section shows the remaining fields of this signature packet, which relate to the cryptographic digital signature:
|
This next section shows the remaining fields of this signature packet, which relate to the cryptographic digital signature:
|
||||||
|
|
||||||
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash value
|
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash digest
|
||||||
|
|
||||||
- `salt_len, salt`: a random [salt value](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-advantages-of-salted-signat) with size [matching the hash algorithm](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#hash-algorithms-registry))
|
- `salt_len, salt`: a random [salt value](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-advantages-of-salted-signat) with size [matching the hash algorithm](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#hash-algorithms-registry))
|
||||||
|
|
||||||
- `ed25519_sig`: [algorithm-specific](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-fields-for-ed2) representation of the signature (here: 64 bytes of Ed25519 signature)
|
- `ed25519_sig`: [algorithm-specific](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-fields-for-ed2) representation of the signature (here: 64 bytes of Ed25519 signature)
|
||||||
|
|
||||||
The signature's hash is calculated from the following data:
|
The hash digest is calculated from the following data (see [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC):
|
||||||
|
|
||||||
- the signature's salt
|
- the signature's salt
|
||||||
- the serialized primary key's public data
|
- the serialized primary key's public data
|
||||||
- the serialized direct key signature packet (excluding the unhashed area)
|
- the serialized direct key signature packet (excluding the unhashed area)
|
||||||
|
|
||||||
Refer to [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC for more details.
|
The signature is derived from this hash digest.
|
||||||
|
|
||||||
(zoom_enc_subkey)=
|
(zoom_enc_subkey)=
|
||||||
## Encryption subkey
|
## Encryption subkey
|
||||||
|
@ -509,7 +509,7 @@ The rest of the packet mirrors the *Direct Key Signature* discussed above:
|
||||||
- a salt value
|
- a salt value
|
||||||
- the cryptographic signature itself
|
- the cryptographic signature itself
|
||||||
|
|
||||||
The signature is calculated over a hash. In this case, the hash is derived from the following data:
|
The signature is calculated over a hash digest. In this case, the hash digest is derived from the following data:
|
||||||
|
|
||||||
- the signature's salt
|
- the signature's salt
|
||||||
- the serialized primary key's public data
|
- the serialized primary key's public data
|
||||||
|
|
Loading…
Reference in a new issue