Add diagram for signature packet structure

Heiko Schaefer 2023-11-03 16:12:33 +01:00
parent e814cc5bb1
commit 4d8ade3502
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D

@ -16,7 +16,6 @@ The term *signature* can have multiple meanings in the context of OpenPGP:
- Cryptographic keys create raw signatures which are byte sequences calculated according to some signature scheme.
- [*OpenPGP signature packets*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-signature-packet-type-id-2), which combine a *type* setting, additional metadata, and a raw cryptographic signature.
```{figure} diag/types_of_signatures.png
Two meanings of the term "signature" in OpenPGP
@ -52,11 +51,9 @@ As outlined above, an OpenPGP signature is a composite data structure, which com
- Most of this metadata is encoded as so-called "subpackets," see {ref}`signature_subpackets`,
- A raw cryptographic signature.
```{figure} diag/signature_packet.png
```{admonition} VISUAL
:class: warning
show a version of our "yellow tag-thing with sig-circle" visual?
Structure of an OpenPGP signature packet
```
The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later.
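Review bot: The new `{figure} diag/signature_packet.png` directive has only a caption, with no `:alt:` text and no `:name:` label. Adding both (for example a label such as `:name: fig-signature-packet`, a name suggested here rather than taken from the repository) would let the paragraph that follows ("The cryptographic signature is calculated by its issuer...") reference the diagram with `{ref}`, the same way the list item above references `signature_subpackets`. The alt text should spell out the three parts the list enumerates (type, metadata/subpackets, raw cryptographic signature) so the structure is still conveyed when the image does not render.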