vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-27 01:52:06 +01:00
Code Issues Projects Releases Packages Wiki Activity

correct for hash digest, move reference

Browse source
This commit is contained in:
Tammi L. Coles 2023-11-02 13:44:28 +01:00
parent 00270a07e5
commit 43faca00e3
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
book/source/17-zoom_certificates.md
View file

@ -6,7 +6,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0
(zoom_certificates)=
# Zooming in: Packet structure of certificates
Now that we've established the concepts and components that make up OpenPGP certificates , let's look at the internal details of an example certificate.
Now that we've established the concepts and components that make up OpenPGP certificates, let's look at the internal details of an example certificate.
## A very minimal OpenPGP certificate
@ -341,19 +341,19 @@ This concludes the unhashed subpacket data.
This next section shows the remaining fields of this signature packet, which relate to the cryptographic digital signature:
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash value
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash digest
- `salt_len, salt`: a random [salt value](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-advantages-of-salted-signat) with size [matching the hash algorithm](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#hash-algorithms-registry))
- `ed25519_sig`: [algorithm-specific](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-fields-for-ed2) representation of the signature (here: 64 bytes of Ed25519 signature)
The signature's hash is calculated from the following data:
The hash digest is calculated from the following data (see [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC):
- the signature's salt
- the serialized primary key's public data
- the serialized direct key signature packet (excluding the unhashed area)
Refer to [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC for more details.
The signature is derived from this hash digest.
(zoom_enc_subkey)=
## Encryption subkey
@ -509,7 +509,7 @@ The rest of the packet mirrors the *Direct Key Signature* discussed above:
- a salt value
- the cryptographic signature itself
The signature is calculated over a hash. In this case, the hash is derived from the following data:
The signature is calculated over a hash digest. In this case, the hash digest is derived from the following data:
- the signature's salt
- the serialized primary key's public data