Re: Detaching signature from signed object
eThinking about this further, is there any to use the details from "--list-packets" in order to extract the signature. For example, the output from the signing below produces:- >C:\>gpg --list-packets R:\Temp\signedfile.asc ># off=0 ctb=a3 tag=8 hlen=1 plen=0 indeterminate >:compressed packet: algo=1 ># off=2 ctb=90 tag=4 hlen=2 plen=13 >:onepass_sig packet: keyid DC00AF5F572550CB >version 3, sigclass 0x00, digest 8, pubkey 22, last=1 ># off=17 ctb=ac tag=11 hlen=2 plen=55 >:literal data packet: >mode b (62), created 1624466686, name="inputfile.txt", >raw data: 36 bytes ># off=74 ctb=88 tag=2 hlen=2 plen=117 >:signature packet: algo 22, keyid DC00AF5F572550CB >version 4, created 1624466686, md5len 0, sigclass 0x00 >digest algo 8, begin of digest dc 7e >hashed subpkt 33 len 21 (issuer fpr v4 > 1797615E1E1CA3357FD23365DC00AF5F572550CB) >hashed subpkt 2 len 4 (sig created 2021-06-23) >subpkt 16 len 8 (issuer key ID DC00AF5F572550CB) >data: [256 bits] >data: [256 bits] Would the:- ># off=74 ctb=88 tag=2 hlen=2 plen=117 provide enough inforation to extract the signature? Does it vary depending upon whether the signature is ASCII armored? Or am I barking up the wrong tree??? Best wishes, Matthew -- >From: Matthew Richardson via Gnupg-users >To: gnupg-users@gnupg.org >Cc: >Date: Sun, 20 Jun 2021 17:52:53 +0100 >Subject: Detaching signature from signed object >Is there any way in GnuPG to detach (or extract) a signature from a signed >object? For example, a signed object is created with:- > >>gpg --armor --output signedfile.asc --sign inputfile.txt > >where what is wanted is a detached signature which would verify against >inputfile.txt. > >This feature is in PGP 2:- > >>pgp -sa inputfile.txt -o signedfile.asc >>pgp -b signedfile.asc -o verified.txt > >which also produces verified.pgp as the detached signature. The feature is >described (briefly) in the PGP 2 documentation thus:- > >>To detach a signature certificate from a signed message: >> pgp -b ciphertextfile > >The reason for asking is that I operate a service [1], which currently used >PGP 2, and which would benefit from more recent crypto, but which also uses >"pgp -b" extensively. > >Best wishes, >Matthew > >[1] http://www.itconsult.co.uk/stamper.htm ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Detaching signature from signed object
On Sun, 20 Jun 2021 18:22:53 +, ?? ?? via Gnupg-users wrote:- >12021/04/10 05:36.72 ?, Matthew Richardson via Gnupg-users > ??: >> Is there any way in GnuPG to detach (or extract) a signature from a signed >> object? For example, a signed object is created with:- >> >> >gpg --armor --output signedfile.asc --sign inputfile.txt >> >> where what is wanted is a detached signature which would verify against >> inputfile.txt. >> >> This feature is in PGP 2:- >> >> >pgp -sa inputfile.txt -o signedfile.asc >> >pgp -b signedfile.asc -o verified.txt >> >> which also produces verified.pgp as the detached signature. The feature is >> described (briefly) in the PGP 2 documentation thus:- >> >> >To detach a signature certificate from a signed message: >> > pgp -b ciphertextfile >> >> The reason for asking is that I operate a service [1], which currently used >> PGP 2, and which would benefit from more recent crypto, but which also uses >> "pgp -b" extensively. >> >> Best wishes, >> Matthew >> [1] http://www.itconsult.co.uk/stamper.htm > >I believe you're looking for the -sb option, which creates a detached >signature. Unless I have misunderstood (and please correct me if I have), "-sb" SIGNS producing a detached signature, whereas I am wanting to detach an EXISTING signature from an already signed object. Best wishes, Matthew ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Detaching signature from signed object
Is there any way in GnuPG to detach (or extract) a signature from a signed object? For example, a signed object is created with:- >gpg --armor --output signedfile.asc --sign inputfile.txt where what is wanted is a detached signature which would verify against inputfile.txt. This feature is in PGP 2:- >pgp -sa inputfile.txt -o signedfile.asc >pgp -b signedfile.asc -o verified.txt which also produces verified.pgp as the detached signature. The feature is described (briefly) in the PGP 2 documentation thus:- >To detach a signature certificate from a signed message: > pgp -b ciphertextfile The reason for asking is that I operate a service [1], which currently used PGP 2, and which would benefit from more recent crypto, but which also uses "pgp -b" extensively. Best wishes, Matthew [1] http://www.itconsult.co.uk/stamper.htm ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
