.RB ` : '
and the actual key data. The attributes are as follows.
.TP
-.BR "binary" ", " "mp" ", " "struct" ", " "encrypt" ", " "string" ", " "ec"
+.BR "binary" ", " "integer" ", " "struct" ", " "encrypt" ", " "string" ", " "ec"
The key encoding type. This describes the format of the actual key
data.
.TP
-.B "symmetric" ", " "private" ", " "public" ", " "shared"
+.BR "symmetric" ", " "private" ", " "public" ", " "shared"
The kind of key this is. This field can be used to filter public keys
from private ones.
.TP
.B "binary"
The binary data is base64 encoded (RFC2045).
.TP
-.B "mp"
+.B "integer"
The integer is a string of decimal digits.
.TP
.B "struct"
.I P
and the plaintext be
.IR m .
-A 160-bit nonce
+A 160-bit nonce
.I N
is chosen at random. Let
-.IR K \ =\ N \ ||\ K .
+.IR K \ =\ N \ ||\ K .
Generate 320 bits of output from RIPEMD-160 in
MGF1 mode with seed
.IR K ;
let
.I K\*(usE\*(ue
-be the half and
+be the first half and
.I K\*(usT\*(ue
be the second.
Encrypt the message
giving the ciphertext
.IR y\*(us0\*(ue .
Let \*(*t be the 160-bit tag obtained from RIPEMD-160 in HMAC mode on
-the message
-.I y\*(us0\*(ue
+the message
+.I y\*(us0\*(ue
and with key
.IR K\*(usT\*(ue .
The ciphertext is then
.B "binary"
The key data is stored as-is.
.TP
-.B "mp"
+.B "integer"
The integer is stored, base-256, one digit per octet, in big-endian
order, using as few octets as possible. The value 0 has length zero.
.TP
.B "struct"
-A sequence of subkeys is stored. Each subkey consists of a single
-octet giving the length of the subkey's label; the label itself in
-ASCII, zero-octet padding to make the subkey start at a multiple of four
-octets, and then the encoding of the subkey. There is no terminator:
-the outer length field indicates when to stop reading subkeys.
+A sequence of subkeys is stored; the sequence is sorted by
+lexicographical order of the subkeys' labels. Each subkey consists of a
+single octet giving the length of the subkey's label; the label itself
+in ASCII, zero-octet padding to make the subkey start at a multiple of
+four octets, and then the encoding of the subkey. There is no
+terminator: the outer length field indicates when to stop reading
+subkeys.
.TP
.B "string"
The string is stored as-is, with no terminator.
and
.IR y -coordinates
expressed as integers in the obvious way and encoded as for
-.B mp
+.B integer
keys, each preceded by a two-octet length. There is no padding between
the two coordinates.
.TP
.B "encrypt"
The key data is encoded as binary and encrypted as described above. The
resulting ciphertext is stored as is.
+.SS "Fingerprints"
+The fingerprint is computed by hashing the binary representation of (the
+selected parts of) a key's data followed by the key type preceded by a
+single length octet, and the key's attributes, in lexicographic order of
+the attribute name. Each attribute consists of the attribute's name
+preceded by a single length octet, followed by the value preceded by a
+two-octet length. The lengths do not include themselves; neither string
+has a terminator character; there is no padding.
.SH AUTHOR
-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>
projects / u / mdw / catacomb / blobdiff