在RFC 4880, 有第11.3节它指定了 OpenPGP 消息块可以具有的不同格式:
11.3. OpenPGP Messages
An OpenPGP message is a packet or sequence of packets that
corresponds to the following grammatical rules (comma represents
sequential composition, and vertical bar separates alternatives):
OpenPGP Message :- Encrypted Message | Signed Message |
Compressed Message | Literal Message.
Compressed Message :- Compressed Data Packet.
Literal Message :- Literal Data Packet.
ESK :- Public-Key Encrypted Session Key Packet |
Symmetric-Key Encrypted Session Key Packet.
ESK Sequence :- ESK | ESK Sequence, ESK.
Encrypted Data :- Symmetrically Encrypted Data Packet |
Symmetrically Encrypted Integrity Protected Data Packet
Encrypted Message :- Encrypted Data | ESK Sequence, Encrypted Data.
One-Pass Signed Message :- One-Pass Signature Packet,
OpenPGP Message, Corresponding Signature Packet.
Signed Message :- Signature Packet, OpenPGP Message |
One-Pass Signed Message.
In addition, decrypting a Symmetrically Encrypted Data packet or a
Symmetrically Encrypted Integrity Protected Data packet as well as
decompressing a Compressed Data packet must yield a valid OpenPGP
Message.
有没有办法通过命令行参数来生成Signed Message使用 GPG?请注意Signed Message不是显示的类型西科光盘. 这是一个Cleartext Signature,描述于第七节RFC 的。装甲车Signed Message将有车头-----BEGIN PGP MESSAGE-----。
我能得到的最接近的方法是使用gpg -s,它生成一个压缩数据包,该数据包封装了一次通过签名包、文字数据包、签名包。但是,我不认为它应该被压缩,因此看起来 GPG 要么在不应该压缩时压缩,要么 GPG 正在输出压缩消息。
答案1
GnuPG 默认会压缩(至少是纯文本)消息。如果您不希望它压缩消息,请使用选项将压缩级别设置为 0。--compress-level 0来自man gpg:
--compress-level n
[...] A value of 0 for n disables compression.
与压缩级别 0 一起使用-s将输出未压缩的签名消息,实际上是一次性签名消息。
消息压缩是预期的行为。RFC 4880,第 2.3 章状态:
压缩
OpenPGP 实现应该在应用签名之后但在加密之前压缩消息。[...]