vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 08:02:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

edit ch7 ## Signature types

Browse source
This commit is contained in:
Tammi L. Coles 2023-11-10 17:45:36 +01:00
parent 51ba919106
commit f7ea1b115e
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
book/source/07-signing_data.md
View file

@ -19,15 +19,14 @@ Note that signatures over data are distinct from {ref}`component_signatures_chap
## Signature types ## Signature types
Data signatures use one of two OpenPGP [signature types](signature_types): OpenPGP data signatures use one of two [signature types](signature_types):
- "Signature of a binary document" (*Binary Signature*, type ID `0x00`): A universal signature type for binary data. Binary signatures are typically used for files or data streams. - **Binary signature** (type ID `0x00`): This is the standard signature type for binary data and is typically used for files or data streams. Binary signatures are calculated over the data without any modifications or transformations.
Binary signatures are calculated over the data "as is", without performing any transformations. - **Text signature** (type ID `0x01`): Used for textual data, such as email bodies. When calculating a text signature, the data is first normalized by converting line endings into a canonical form (`<CR><LF>`). This mitigates issues caused by platform-specific text encodings, which is particularly important for detached signatures where the message file might be re-encoded between signature creation and verification.
- "Signature of a canonical text document" (*Text Signature*, type ID `0x01`): Used for textual data, such as email bodies. When calculating a text signature, the data is first normalized by converting line endings into a canonical form (`<CR><LF>`). The normalization mitigates issues caused by platform-specific text encodings, for example with detached signatures, where the message file may get re-encoded between signature generation and validation.
Data signatures are generated by hashing the message content, plus the metadata in the signature packet, and calculating a cryptographic signature over that hash. The resulting cryptographic signature is stored in an OpenPGP signature packet. Data signatures are generated by hashing the message content along with the metadata in the signature packet, and calculating a cryptographic signature over that hash. The resulting cryptographic signature is stored in an OpenPGP signature packet.
Data signature packets can be used in three different forms. We'll discuss these in the following section. Data signature packets manifest in three distinct forms, which will be detailed in the subsequent section.
## Forms of OpenPGP data signatures ## Forms of OpenPGP data signatures