vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-12 20:59:41 +02:00
Code Issues Projects Releases Packages Wiki Activity

more restructuring

Browse source
This commit is contained in:
Heiko Schaefer 2023-10-25 16:13:18 +02:00
parent 6440318fcc
commit 8184304cd8
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
2 changed files with 29 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

12
book/source/07-signing_data.md
View file

@ -16,3 +16,15 @@ Add content, including:
- Signature of a canonical text document
- "The signature is calculated over the text data with its line endings converted to `<CR><LF>`"
```
## Data signatures
A data signature serves the purpose to cryptographically guarantee the authenticity (and implicitly also the integrity) of a message, e.g. an email or a file, while a certification is used to attach metadata or subkeys to a certificate.
Data signatures are always calculated by keys carrying the **S**igning key flag.
Different types of signatures are distinguished by a signature type code and are calculated in different ways.
Signatures can either be distributed standalone as *detached* signatures, or can be inlined with OpenPGP data, such as an OpenPGP message or a key or certificate.
Data signatures (type 0x00 and 0x01) are created by hashing the message content and calculating a cryptographic signature over the hash.
You can read more about data signatures in the [next chapter](signing_data).
The result is packed up into an OpenPGP signature packet, which can either be included in the OpenPGP message (TODO: See section about forming messages, cleartext signature framework), or distributed separately as a so-called *detached* signature.
Data signatures are always calculated using a **S**igning key.