I'm reading RFC4880 in an attempt to produce an implementatdion of a subset of OpenPGP (RSA signatures) using http://phpseclib.sourceforge.net/. I have the publickey and compression-literal-signature packets parsed out. I can extract n and e and feed them to Crypt_RSA to construct a verifier. I tell it I'm using sha256. It then needs a "message" and a " signature" parametre. I get the signature data out of the signature packet no problem. The question I have is: what is "message"? According to sec tion 5.2.4 it's some combination of the literal data packet(s?) (their bodies or the whole packet?) and the "hashed" subpackets. Do I just concat all the data packets and the hashed packets together in the order they appear?
+1
A:
The hash is of the literal data packet contents (not the whole body, just the data), followed by the "trailer" (literal bytes from signature packet up to and including hashed subpackets), followed by { 0x44, 0xff, trailer_length_as_4_octet_network_order_unsigned_integer }
singpolyma
2010-04-01 16:28:58