Sign a mail
André Rothe
arothe at phosco.info
Mon Jul 20 21:42:18 CEST 2009
Werner,
Thank you for your answer. I have read the RFC 3156, but the examples
are not very helpful to me.
Werner Koch <wk at gnupg.org> wrote:
> RFC-3156 has good examples.
>
>
>> Content-Type: multipart/mixed;
>>
>> to
>>
>> ------=_Part_0_22676229.1248101390164--
>>
>> to sign the mail. But always I get an invalid signature. Has anyone an idea?
>
> The mime parts ends at
>
> --------------248101390272--
>
Hm, I think, this line is the end of the enclosing MIME part, but the
part I have to sign is the content part of the PGP/MIME structure (the
inner boundaries). RFC 3156 says, I have to include the inner
boundaries into the signed content, but should I include also the last
CR+LF? Is it necessary to encode the parts of the signed content with
quoted-printable? I use
gpg --charset utf8 -a --batch --no-tty --digest-algo sha256 -s -b -a
-t -u 0xA4BD4B02 --no-use-agent
as the signature creation command, but I'm not sure with the -t.
> also recall that the CR,LF right before this boundary line is part of
> the boundary and NOT part of the signed data.
There are two CR+LFs between the inner boundary and the next outer boundary...
Encryption and PGP/MIME is very simple to produce, but the signature
alone has cost a weekend till now.
Sorry, but I don't know, whom I could ask
Andre
More information about the Gnupg-devel
mailing list