1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00

doc: Add a comment to explain the signature postscript.

--

Hal Finney explained this on January 22, 2004 on a question from Peter
Gutmann on the WG list.
This commit is contained in:
Werner Koch 2020-03-12 11:05:37 +01:00
parent b4f1159a5b
commit 90fb4a69d2
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -293,10 +293,15 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig,
gcry_md_write (md, buf, 6); gcry_md_write (md, buf, 6);
} }
} }
/* Add some magic. */ /* Add some magic aka known as postscript. The idea was to make it
* impossible to make up a document with a v3 signature and then
* turn this into a v4 signature for another document. The last
* hashed 5 bytes of a v4 signature should never look like a the
* last 5 bytes of a v3 signature. The length can be used to parse
* from the end. */
i = 0; i = 0;
buf[i++] = sig->version; buf[i++] = sig->version; /* Hash convention version. */
buf[i++] = 0xff; buf[i++] = 0xff; /* Not any sig type value. */
if (sig->version >= 5) if (sig->version >= 5)
{ {
/* Note: We don't hashed any data larger than 2^32 and thus we /* Note: We don't hashed any data larger than 2^32 and thus we