'nother n00bie Q: Verifying the DSA signature?

Brad Fitzpatrick brad at danga.com
Fri May 20 13:29:44 PDT 2005

Not quite,

On Fri, 20 May 2005, Nathan D. Bowen wrote:

> Dan Lyke wrote:
> >-----BEGIN PmungedtonotscrewupemailersGP SIGNED MESSAGE-----
> >Hash: DSA
> >
> >2005-05-20T18:30:09Z::assert_identity::http://www.livejournal.com/users/danlyke/::http://danlyke.gamahuche.com/openid.cgi
> >-----BEGIN PmungedtonotscrewupemailersGP SIGNATURE-----
> >Version: GnuPG v1.4.1 (GNU/Linux)
> >
> >
> >-----END PmungedtonotscrewupemailersGP SIGNATURE-----
> >
> >
> Actually, you're really close. I spent a couple of hours last night
> before I finally got this working. In my case, I wasn't completely clear
> on the format of the string in the "body", but it looks like you read
> the spec just fine -- your input string looks perfect to me. I believe
> you're running into a problem because PGP doesn't actually sign the
> *body* of the message iteslf; PGP provides a signature of a hash of the
> body of the message.
> In other words, you're not going to be able to test this with PGP because:
> PGP is expecting to verify something like:
>     BASE64(DSA(MD5("2005-05-20T18:30:09Z::assert_identity::blahblah")))
> But OpenID creates its signatures with:
>     BASE64(DSA("2005-05-20T18:30:09Z::assert_identity::blahblah"))

The DSA algorithm only ever signs up to 20 bytes.

We do:


I'll update the docs.  Thanks!

- Brad

More information about the yadis mailing list