> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of Jeremiah Martell > Sent: Friday, July 06, 2007 6:03 AM > To: openssl-users@openssl.org > Subject: Re: Question: ASCII Armored text signature > > On 7/5/07, Carlo Milono <[EMAIL PROTECTED]> wrote: > > Radix-64 - if you want the PGP/GPG stuff. > > > > See: http://en.wikipedia.org/wiki/Binary_to_text_encoding > > > > Ok, Here's a real example from using GPG on my MAC: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > This is an example sentence I will sign. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (Darwin) > > iQEVAwUBRo48h04yyDIo085+AQJq9Af+M8hx53yChhsXYOyYcJaCQKgFreeS8Dxx > hC7Jhfssb+IWqWHSdDlqi8pm6Ous+0W6S7KaJblLu/tmSMZ8y6TVLxx5vzGPe/Kq > oBYQJjAoZKtuFs3Jmqj40NUYBRLPcrGxsg0/VLLeQvk8ZZdIA01pg3kbb3l8tTW2 > 9fvbD9tynZCgpKA/Ot9Qs/1QTPNA2aM2QNswlRwF00BLt81C/vAKI0aQfdVjfCUU > Xgka5gU2vJh23Rx5QYhsoiVk7p1f3wdtxvCdiJbjifKnukWqyQbxypJmdKd09/Wd > Mys5U1CixHp6LjBcp4F333MIncxl5z/Zj3WBM47QzIG/Fm6gxO10fw== > =qyUl > -----END PGP SIGNATURE----- > > And my question concerns the last "=qyUI" at the end of the signature. > > My first guess was that I could just base64 the signature and put it > at the end, but I'm not sure what that last "=qyUI" is. Any ideas? >
I would suspect it is either the checksum or the "tail". See RFC 2440 (http://tools.ietf.org/html/rfc2440) - here is a snippet from that RFC: 6.2. Forming ASCII Armor When OpenPGP encodes data into ASCII Armor, it puts specific headers around the data, so OpenPGP can reconstruct the data later. OpenPGP informs the user what kind of data is encoded in the ASCII armor through the use of the headers. Concatenating the following data creates ASCII Armor: - An Armor Header Line, appropriate for the type of data - Armor Headers - A blank (zero-length, or containing only whitespace) line - The ASCII-Armored data - An Armor Checksum - The Armor Tail, which depends on the Armor Header Line. An Armor Header Line consists of the appropriate header line text surrounded by five (5) dashes ('-', 0x2D) on either side of the header line text. The header line text is chosen based upon the type of data that is being encoded in Armor, and how it is being encoded. Header line texts include the following strings: BEGIN PGP MESSAGE Used for signed, encrypted, or compressed files. BEGIN PGP PUBLIC KEY BLOCK Used for armoring public keys BEGIN PGP PRIVATE KEY BLOCK Used for armoring private keys BEGIN PGP MESSAGE, PART X/Y Used for multi-part messages, where the armor is split amongst Y parts, and this is the Xth part out of Y. BEGIN PGP MESSAGE, PART X Used for multi-part messages, where this is the Xth part of an unspecified number of parts. Requires the MESSAGE-ID Armor Header to be used. BEGIN PGP SIGNATURE Used for detached signatures, OpenPGP/MIME signatures, and natures following clearsigned messages. Note that PGP 2.x s BEGIN PGP MESSAGE for detached signatures. The Armor Headers are pairs of strings that can give the user or the receiving OpenPGP implementation some information about how to decode or use the message. The Armor Headers are a part of the armor, not a part of the message, and hence are not protected by any signatures applied to the message. The format of an Armor Header is that of a key-value pair. A colon (':' 0x38) and a single space (0x20) separate the key and value. OpenPGP should consider improperly formatted Armor Headers to be corruption of the ASCII Armor. Unknown keys should be reported to the user, but OpenPGP should continue to process the message. Currently defined Armor Header Keys are: - "Version", that states the OpenPGP Version used to encode the message. - "Comment", a user-defined comment. - "MessageID", a 32-character string of printable characters. The string must be the same for all parts of a multi-part message that uses the "PART X" Armor Header. MessageID strings should be ------- and so on... > Thanks, > > -- > - Jeremiah Martell > http://inlovewithGod.com > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
