'nother n00bie Q: Verifying the DSA signature?
brad at danga.com
Fri May 20 13:29:44 PDT 2005
On Fri, 20 May 2005, Nathan D. Bowen wrote:
> Dan Lyke wrote:
> >-----BEGIN PmungedtonotscrewupemailersGP SIGNED MESSAGE-----
> >Hash: DSA
> >-----BEGIN PmungedtonotscrewupemailersGP SIGNATURE-----
> >Version: GnuPG v1.4.1 (GNU/Linux)
> >-----END PmungedtonotscrewupemailersGP SIGNATURE-----
> Actually, you're really close. I spent a couple of hours last night
> before I finally got this working. In my case, I wasn't completely clear
> on the format of the string in the "body", but it looks like you read
> the spec just fine -- your input string looks perfect to me. I believe
> you're running into a problem because PGP doesn't actually sign the
> *body* of the message iteslf; PGP provides a signature of a hash of the
> body of the message.
> In other words, you're not going to be able to test this with PGP because:
> PGP is expecting to verify something like:
> But OpenID creates its signatures with:
The DSA algorithm only ever signs up to 20 bytes.
I'll update the docs. Thanks!
More information about the yadis