From 5f8e36a60578f990fc9c7bb1ae1cf55f820f2d2e Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Tue, 3 Oct 2023 12:19:14 +0200 Subject: [PATCH] Add signature diagram --- book/source/06-certifications.md | 42 ++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/book/source/06-certifications.md b/book/source/06-certifications.md index e1201dc..f01e636 100644 --- a/book/source/06-certifications.md +++ b/book/source/06-certifications.md @@ -23,6 +23,48 @@ Signatures are the glue that allows for keys, subkeys and identities to be assem ## Terminology +```{mermaid} + +%%{ init: { 'flowchart': { 'curve': '' } } }%% +flowchart LR + signature(OpenPGP Signature) --> data & certification + data(Data Signature) --> binary & text + certification("Certification / + 3rd-Party Certification") --> dksig & uidcert & uidrev & krev & selfcert + selfcert(Self Certification) --> skbind & skrev + subgraph Siganture Types and Targets + standalone[0x02: Standalone] + subgraph Signature Packets + confsig[0x50: Third-Party Confirmation] + timestamp[0x40: Timestamp] + end + subgraph Data Packets + binary[0x00: Binary Data] + text[0x01: Canonical Text] + end + subgraph User ID / User Attribute Packets + uidcert[ + 0x10: Generic Certification + 0x11: Persona Certification + 0x12: Casual Certification + 0x13: Positive Certification + ] + uidrev[0x30: Certification Revocation] + end + subgraph Subkeys + skbind[ + 0x18: Subkey Binding + 0x19: Primary Key Binding + ] + skrev[0x28: Subkey Revocation] + end + subgraph Primary Key + dksig[0x1F: Direct-Key Signature] + krev[0x20: Key Revocation] + end + end +``` + The term *signature* can have multiple meanings in the context of the OpenPGP specification. Cryptographic keys create raw signatures which are byte sequences calculated according to some signature scheme. OpenPGP packs these raw signatures up into OpenPGP signature packets, which carry additional information in the form of signature subpackets.
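Review bot: The outer subgraph title in the added diagram is misspelled as `subgraph Siganture Types and Targets`; it should read `Signature`, since this string is rendered as a visible label. In the same block, `standalone`, `confsig` and `timestamp` are declared but no edge reaches them, so 0x02, 0x40 and 0x50 sit outside the hierarchy that starts at `signature`; either connect them to a parent node or add a sentence in the text saying they are intentionally left unclassified. The init directive sets `'curve': ''`, an empty value whose intent is unclear; give it an explicit curve name or drop the directive. The diagram is also inserted directly under `## Terminology`, ahead of the paragraph that introduces the term *signature*, with no lead-in or caption; moving it after that paragraph or adding one introductory sentence would tell readers what the boxes and arrows mean.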