From e33ead3bb98d1ce3b3fa16e21022e4fbf996ff6e Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Sat, 28 Oct 2023 23:30:56 +0200 Subject: [PATCH] ch19: fix signature examples - now the inline signature has a v6 One-Pass Signature packet - don't generate differing signatures by running the non-deterministic `sq sign` multiple times --- book/source/19-zoom_signatures.md | 114 ++++++++++++++++-------------- 1 file changed, 61 insertions(+), 53 deletions(-) diff --git a/book/source/19-zoom_signatures.md b/book/source/19-zoom_signatures.md index 350677b..f384ef4 100644 --- a/book/source/19-zoom_signatures.md +++ b/book/source/19-zoom_signatures.md @@ -40,9 +40,9 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes Pk algo: Ed25519 Hash algo: SHA512 Hashed area: - Signature creation time: 2023-10-28 15:40:57 UTC (critical) + Signature creation time: 2023-10-28 15:47:27 UTC (critical) Issuer Fingerprint: D07B24EC91A14DD240AC2D53E6C8A9E054949A41222EA738576ED19CAEA3DC99 - Digest prefix: 97F5 + Digest prefix: DB9E Level: 0 (signature over data) 00000000 c2 CTB @@ -54,7 +54,7 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000006 00 00 00 29 hashed_area_len 0000000a 05 subpacket length 0000000b 82 subpacket tag - 0000000c 65 3d 2b 89 sig creation time + 0000000c 65 3d 2d 0f sig creation time 00000010 22 subpacket length 00000011 21 subpacket tag 00000012 06 version @@ -62,17 +62,17 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000020 c8 a9 e0 54 94 9a 41 22 2e a7 38 57 6e d1 9c ae 00000030 a3 dc 99 00000033 00 00 00 00 unhashed_area_len - 00000037 97 digest_prefix1 - 00000038 f5 digest_prefix2 + 00000037 db digest_prefix1 + 00000038 9e digest_prefix2 00000039 20 salt_len - 0000003a b4 c6 ed 8e 3f 08 salt - 00000040 90 69 36 82 19 7d e9 df 74 18 af 92 d1 ee a3 08 - 00000050 0a 18 87 de 56 f1 01 a3 00 89 - 0000005a ef 83 32 b9 40 84 ed25519_sig - 00000060 10 21 33 f4 7a e9 05 0d 5c 16 10 75 27 95 0a 32 - 00000070 49 e0 98 2d 0e 74 b0 f1 17 d4 3e 69 95 a7 6f b9 - 00000080 76 bc 22 3d ee 9c 46 e8 d5 41 12 6c c8 f5 c6 37 - 00000090 06 14 f5 3b a7 cd a7 ea 96 0b + 0000003a 90 a4 54 9e 5a 0b salt + 00000040 56 70 e3 ce 68 ed 8e f6 b8 73 e7 93 b9 2d 91 9c + 00000050 a1 28 7d 8c b8 78 c2 74 81 d0 + 0000005a 53 4a 9e ff c6 d1 ed25519_sig + 00000060 d0 1d f2 c0 73 73 2f 05 28 aa 3d 1e 7d 85 a1 8f + 00000070 a5 de 5d ad 3c 85 ac 54 1f b8 b9 d0 c1 03 8d f1 + 00000080 6b 3d cd bc d4 1d 02 e5 f8 a2 18 de 0f 61 ce fa + 00000090 07 cb 40 db f6 63 b1 28 07 0b ``` ## Inline signature @@ -81,32 +81,40 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes $ sq sign --signer-file alice.pgp message.txt -----BEGIN PGP MESSAGE----- -xA0DAAob0Hsk7JGhTdIByxJiAAAAAABoZWxsbyB3b3JsZArCmAYAGwoAAAApBYJl -PS6aIiEG0Hsk7JGhTdJArC1T5sip4FSUmkEiLqc4V27RnK6j3JkAAAAA2fQg3Chc -XOvRADo3I2sUdXevtp29q//4cFpY89jZSmZccCmC0rzU2cuCZTPer8IugpmpbcAT -VePYVzWPYUH/XcGJBuGNJVbKSGP2sgNqUb33XhtusK+TRiu4qxgwgOXVywwF -=AZt5 +xEYGAAobIK+vlFDAK62+055LpOCoOGecp66NiyRz6M+emCLp5Nbg0Hsk7JGhTdJA +rC1T5sip4FSUmkEiLqc4V27RnK6j3JkByxJiAAAAAABoZWxsbyB3b3JsZArCmAYA +GwoAAAApBYJlPXuNIiEG0Hsk7JGhTdJArC1T5sip4FSUmkEiLqc4V27RnK6j3JkA +AAAAhrggr6+UUMArrb7Tnkuk4Kg4Z5ynro2LJHPoz56YIunk1uApSiAe9CYGgqrs +p6Ud6ARDVcOWWFhxTJK2rNULlZ9k4HPFvUT4PTrjpb4kjRAb6MDgSSclPaj14FjL +rpr/eqQF +=r993 -----END PGP MESSAGE----- ``` ```text -$ sq sign --signer-file alice.pgp message.txt |sq packet dump --hex -One-Pass Signature Packet, new CTB, 2 header bytes + 13 bytes - Version: 3 +$ sq packet dump --hex inline-sig.txt +One-Pass Signature Packet, new CTB, 2 header bytes + 70 bytes + Version: 6 Type: Binary Pk algo: Ed25519 Hash algo: SHA512 - Issuer: D07B24EC91A14DD2 + Issuer: D07B24EC91A14DD240AC2D53E6C8A9E054949A41222EA738576ED19CAEA3DC99 Last: true 00000000 c4 CTB - 00000001 0d length - 00000002 03 version + 00000001 46 length + 00000002 06 version 00000003 00 type 00000004 0a hash_algo 00000005 1b pk_algo - 00000006 d0 7b 24 ec 91 a1 4d d2 issuer - 0000000e 01 last + 00000006 20 salt_len + 00000007 af af 94 50 c0 2b ad be d3 salt + 00000010 9e 4b a4 e0 a8 38 67 9c a7 ae 8d 8b 24 73 e8 cf + 00000020 9e 98 22 e9 e4 d6 e0 + 00000027 d0 7b 24 ec 91 a1 4d d2 40 issuer + 00000030 ac 2d 53 e6 c8 a9 e0 54 94 9a 41 22 2e a7 38 57 + 00000040 6e d1 9c ae a3 dc 99 + 00000047 01 last Literal Data Packet, new CTB, 2 header bytes + 18 bytes Format: Binary data @@ -126,9 +134,9 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes Pk algo: Ed25519 Hash algo: SHA512 Hashed area: - Signature creation time: 2023-10-28 15:54:09 UTC (critical) + Signature creation time: 2023-10-28 21:22:21 UTC (critical) Issuer Fingerprint: D07B24EC91A14DD240AC2D53E6C8A9E054949A41222EA738576ED19CAEA3DC99 - Digest prefix: 89FF + Digest prefix: 86B8 Level: 0 (signature over data) 00000000 c2 CTB @@ -140,7 +148,7 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000006 00 00 00 29 hashed_area_len 0000000a 05 subpacket length 0000000b 82 subpacket tag - 0000000c 65 3d 2e a1 sig creation time + 0000000c 65 3d 7b 8d sig creation time 00000010 22 subpacket length 00000011 21 subpacket tag 00000012 06 version @@ -148,17 +156,17 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000020 c8 a9 e0 54 94 9a 41 22 2e a7 38 57 6e d1 9c ae 00000030 a3 dc 99 00000033 00 00 00 00 unhashed_area_len - 00000037 89 digest_prefix1 - 00000038 ff digest_prefix2 + 00000037 86 digest_prefix1 + 00000038 b8 digest_prefix2 00000039 20 salt_len - 0000003a f9 e8 86 74 33 55 salt - 00000040 b1 23 dc 05 b2 0a 48 ff 68 83 4d 69 94 da b3 67 - 00000050 d2 4e 46 5d f1 0e 44 4b d9 29 - 0000005a 47 42 69 50 a2 85 ed25519_sig - 00000060 b3 e4 35 38 72 f0 d6 68 2b 59 21 d9 1c 1a 6a 7a - 00000070 92 74 6e 06 63 2b ad 23 85 97 ae 25 39 06 88 dc - 00000080 8e d6 6b 6d a9 c1 16 08 e6 c4 d9 9c 6a a6 5d 50 - 00000090 74 aa c3 95 c4 9a b0 03 ee 03 + 0000003a af af 94 50 c0 2b salt + 00000040 ad be d3 9e 4b a4 e0 a8 38 67 9c a7 ae 8d 8b 24 + 00000050 73 e8 cf 9e 98 22 e9 e4 d6 e0 + 0000005a 29 4a 20 1e f4 26 ed25519_sig + 00000060 06 82 aa ec a7 a5 1d e8 04 43 55 c3 96 58 58 71 + 00000070 4c 92 b6 ac d5 0b 95 9f 64 e0 73 c5 bd 44 f8 3d + 00000080 3a e3 a5 be 24 8d 10 1b e8 c0 e0 49 27 25 3d a8 + 00000090 f5 e0 58 cb ae 9a ff 7a a4 05 ``` ## Cleartext signature @@ -180,16 +188,16 @@ r13/eqMN8kfCDw== ``` ```text -$ sq sign --cleartext-signature --signer-file alice.pgp message.txt |sq packet dump --hex +$ sq packet dump --hex cleartext-sig.txt Signature Packet, new CTB, 2 header bytes + 152 bytes Version: 6 Type: Text Pk algo: Ed25519 Hash algo: SHA512 Hashed area: - Signature creation time: 2023-10-28 15:56:30 UTC (critical) + Signature creation time: 2023-10-28 15:55:48 UTC (critical) Issuer Fingerprint: D07B24EC91A14DD240AC2D53E6C8A9E054949A41222EA738576ED19CAEA3DC99 - Digest prefix: 53D2 + Digest prefix: DAA0 Level: 0 (signature over data) 00000000 c2 CTB @@ -201,7 +209,7 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000006 00 00 00 29 hashed_area_len 0000000a 05 subpacket length 0000000b 82 subpacket tag - 0000000c 65 3d 2f 2e sig creation time + 0000000c 65 3d 2f 04 sig creation time 00000010 22 subpacket length 00000011 21 subpacket tag 00000012 06 version @@ -209,15 +217,15 @@ Signature Packet, new CTB, 2 header bytes + 152 bytes 00000020 c8 a9 e0 54 94 9a 41 22 2e a7 38 57 6e d1 9c ae 00000030 a3 dc 99 00000033 00 00 00 00 unhashed_area_len - 00000037 53 digest_prefix1 - 00000038 d2 digest_prefix2 + 00000037 da digest_prefix1 + 00000038 a0 digest_prefix2 00000039 20 salt_len - 0000003a 9d e4 5e 3f 37 33 salt - 00000040 d8 9c 70 d8 b5 e2 30 48 6c b8 2e 75 9d 7c 10 3b - 00000050 42 a2 6d f4 db 96 47 d3 57 42 - 0000005a 58 99 2f 2c a2 35 ed25519_sig - 00000060 b7 3f 63 8a 7f f1 d0 b7 5b 38 cd 92 bb e9 b5 59 - 00000070 9b 45 e1 0b fd d9 e7 96 4d e4 e9 5f 22 29 91 6d - 00000080 85 a3 94 90 11 9d 3a 3d 32 74 a7 32 ca 73 4b 45 - 00000090 4f 19 a5 49 3d d8 83 0e 1b 09 + 0000003a 70 33 a1 14 f3 bb salt + 00000040 fe d9 bb 17 3c 23 37 f8 af 7f ea 48 29 81 7c 3a + 00000050 96 cd 35 ea 99 5b 6c 48 14 87 + 0000005a 00 29 1a de a6 cd ed25519_sig + 00000060 79 e8 6a bb c1 fa 4b 45 0a f1 5e f2 1d ba 55 84 + 00000070 4c 6e f4 7b bb da 35 84 cd 4f c1 d2 1f 4c 47 98 + 00000080 03 84 93 e8 5a ea f1 f1 87 f2 5c 10 ec 45 2e 32 + 00000090 af 5d ff 7a a3 0d f2 47 c2 0f ```