From bd50fe349615f30e1c4d69031b9e48a2a49a3c31 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Tue, 3 Oct 2023 12:19:14 +0200 Subject: [PATCH] Add signature diagram --- book/source/06-certifications.md | 42 ++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/book/source/06-certifications.md b/book/source/06-certifications.md index caab695..250ad1a 100644 --- a/book/source/06-certifications.md +++ b/book/source/06-certifications.md @@ -18,6 +18,48 @@ Signatures are the glue that allows for keys, subkeys and identities to be assem ## Terminology +```{mermaid} + +%%{ init: { 'flowchart': { 'curve': '' } } }%% +flowchart LR + signature(OpenPGP Signature) --> data & certification + data(Data Signature) --> binary & text + certification("Certification / + 3rd-Party Certification") --> dksig & uidcert & uidrev & krev & selfcert + selfcert(Self Certification) --> skbind & skrev + subgraph Siganture Types and Targets + standalone[0x02: Standalone] + subgraph Signature Packets + confsig[0x50: Third-Party Confirmation] + timestamp[0x40: Timestamp] + end + subgraph Data Packets + binary[0x00: Binary Data] + text[0x01: Canonical Text] + end + subgraph User ID / User Attribute Packets + uidcert[ + 0x10: Generic Certification + 0x11: Persona Certification + 0x12: Casual Certification + 0x13: Positive Certification + ] + uidrev[0x30: Certification Revocation] + end + subgraph Subkeys + skbind[ + 0x18: Subkey Binding + 0x19: Primary Key Binding + ] + skrev[0x28: Subkey Revocation] + end + subgraph Primary Key + dksig[0x1F: Direct-Key Signature] + krev[0x20: Key Revocation] + end + end +``` + The term *signature* can have multiple meanings in the context of the OpenPGP specification. Cryptographic keys create raw signatures which are byte sequences calculated according to some signature scheme. OpenPGP packs these raw signatures up into OpenPGP signature packets, which carry additional information in the form of signature subpackets.
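Review bot: the title of the outer subgraph in the added mermaid block is misspelled. `subgraph Siganture Types and Targets` should read `subgraph Signature Types and Targets`, otherwise the typo shows up in the rendered diagram. In the init directive, `'curve': ''` sets the curve to an empty string; either name a curve style or drop the directive so the renderer default applies. The nodes `standalone`, `confsig` and `timestamp` are declared, but no edge from the `signature` tree reaches them, so 0x02, 0x40 and 0x50 render detached from the classification. Either connect them to a parent node or say in the surrounding text why they stand apart.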