I'm trying to debug & extend an existing piece of Java code using BouncyCastle to decrypt and verify secured attachments.

I've looked through the BouncyCastle samples, but what is harder to extract from there is a model of what a PGP-secured attachment looks like. From the code and various errors I can infer there is something represented by a PGPMarker, then you can find a PGPCompressedData which inside has a PGPOnePassSignatureList and so on. This doesn't clarify issues such as when to expect one versus another and whether a one-pass signature is present when signing and encryption were performed separately (these were examples I faced but are not the topic of the question). BC's javadoc doesn't explain much (e.g. PGPOnePassSignature is "A one pass signature object").

It's time-consuming to reverse engineer the model by trial and error and, as I haven't successfully googled a good resource on this, I hope perhaps someone else knows one.

Thanks in advance.

+1  A: 

The best resource I found was the OpenPGP RFC. I've used BouncyCastle for PGP and S/MIME, and I felt S/MIME was a lot more straight-forward, even though both standards are doing essentially the same thing. Luckily, in my case, I was signing and encrypting, so my code didn't have to be prepared to handle any crazy structure some PGP implementation could dream up.

erickson
Excellent, this is what I was looking for. And yes, BC's approach to PGP is not the most straight-forward one.
wishihadabettername
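To make the packet model from the OpenPGP RFC concrete, here is an added example (not code from the posts above or from BouncyCastle) that reads RFC 4880 packet headers using only the JDK (17+) and prints the nesting the question describes, with each tag labelled by the object BouncyCastle's PGPObjectFactory returns for it. The class name `PgpPacketWalk` and the sample bytes are constructed for illustration; partial body lengths, real compression and decryption are left out, and in a signed-and-encrypted message the same sequence appears only after the encrypted data packet has been decrypted.

```java
import java.io.*;
import java.util.*;
public class PgpPacketWalk {
    // RFC 4880 packet tags; in parentheses, the object BouncyCastle's PGPObjectFactory yields
    static final Map<Integer, String> TAGS = Map.of(
        1, "Public-Key Encrypted Session Key (PGPEncryptedDataList)",
        2, "Signature (PGPSignatureList)",
        4, "One-Pass Signature (PGPOnePassSignatureList)",
        8, "Compressed Data (PGPCompressedData)",
        10, "Marker (PGPMarker)",
        11, "Literal Data (PGPLiteralData)",
        18, "Sym. Encrypted Integrity Protected Data (PGPEncryptedDataList)");
    static void walk(DataInputStream in, String indent, List<String> out) throws IOException {
        for (int hdr; (hdr = in.read()) != -1; ) {
            if ((hdr & 0x80) == 0) throw new IOException("bit 7 clear: not a packet header");
            int tag; long len;
            if ((hdr & 0x40) != 0) {              // new format: tag in bits 5-0
                tag = hdr & 0x3f;
                int o1 = in.readUnsignedByte();
                if (o1 < 192) len = o1;
                else if (o1 < 224) len = ((o1 - 192) << 8) + in.readUnsignedByte() + 192;
                else if (o1 == 255) len = in.readInt() & 0xffffffffL;
                else throw new IOException("partial body length: not handled here");
            } else {                              // old format: tag in bits 5-2, length type in bits 1-0
                tag = (hdr >> 2) & 0x0f;
                switch (hdr & 3) {
                    case 0: len = in.readUnsignedByte(); break;
                    case 1: len = in.readUnsignedShort(); break;
                    case 2: len = in.readInt() & 0xffffffffL; break;
                    default: throw new IOException("indeterminate length: not handled here");
                }
            }
            // Never trust a declared length; available() is exact for the in-memory stream used here
            if (len > in.available()) throw new IOException("declared length exceeds input");
            byte[] body = new byte[(int) len];
            in.readFully(body);
            out.add(indent + TAGS.getOrDefault(tag, "tag " + tag) + ", " + len + " byte(s)");
            // Compression algorithm 0 means "uncompressed": nested packets are readable as-is
            if (tag == 8 && len > 0 && body[0] == 0)
                walk(new DataInputStream(new ByteArrayInputStream(body, 1, body.length - 1)), indent + "  ", out);
        }
    }
    public static void main(String[] args) throws IOException {
        // Constructed sample with dummy bodies: Marker, Compressed Data{One-Pass Sig, Literal, Signature}
        byte[] msg = HexFormat.of().parseHex("ca03504750" + "a00b00" + "c40103" + "cb026200" + "c20104");
        List<String> out = new ArrayList<>();
        walk(new DataInputStream(new ByteArrayInputStream(msg)), "", out);
        out.forEach(System.out::println);
    }
}
```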