Можете ли вы вручную добавить комментарий к блоку открытого ключа PGP и не нарушать его? - PullRequest
Новая
       92

Можете ли вы вручную добавить комментарий к блоку открытого ключа PGP и не нарушать его?

1 голос
/ 04 ноября 2019

Представьте, что следующее является действительным PGP PUBLIC KEY BLOCK : 

-----BEGIN PGP PUBLIC KEY BLOCK-----

UBStcXNLrrB3CTV429OmCB35xiYZNCckQZ8LQ+RkcIetcWUTY5n4oYn+3WGGTvv6
ALCiRIKQgCjV9wFawAUAIPn4Otq+amdvmQYbCTgvWxxpZLHNu2Ixc2z0XsUnKRF3
7Ar3BK0Y72430x4XNtgxePKSeM6yChXyJ5NMGLf7zYBs3al+dpa8HxiWZwyaslRF
moZ3GljtkcRYiVTvDdROwItP
=G3b9

-----END PGP PUBLIC KEY BLOCK-----

Могу ли я вручную добавить комментарий, как показано ниже - скажем, с vim - и это все еще будет в силе? Я знаю, что могу повторить команду gpg(1), чтобы сделать это, но у меня нет под рукой. 

-----BEGIN PGP PUBLIC KEY BLOCK-----

Comment: Hello, World!

UBStcXNLrrB3CTV429OmCB35xiYZNCckQZ8LQ+RkcIetcWUTY5n4oYn+3WGGTvv6
ALCiRIKQgCjV9wFawAUAIPn4Otq+amdvmQYbCTgvWxxpZLHNu2Ixc2z0XsUnKRF3
7Ar3BK0Y72430x4XNtgxePKSeM6yChXyJ5NMGLf7zYBs3al+dpa8HxiWZwyaslRF
moZ3GljtkcRYiVTvDdROwItP
=G3b9

-----END PGP PUBLIC KEY BLOCK-----

Спасибо.

1 Ответ

1 голос
/ 04 ноября 2019

Да, это верно, 

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.6+
Comment: Hostname: pgp.key-server.io

Как и выше, регулярно используются теги комментариев и версий, включая другие, согласно RFC4880 , разрешено Ключи заголовка брони включают в себя: 

 - "Version", which states the OpenPGP implementation and version
   used to encode the message.

 - "Comment", a user-defined comment.  OpenPGP defines all text to
   be in UTF-8.  A comment may be any UTF-8 string.  However, the
   whole point of armoring is to provide seven-bit-clean data.
   Consequently, if a comment has characters that are outside the
   US-ASCII range of UTF, they may very well not survive transport.

 - "MessageID", a 32-character string of printable characters.  The
   string must be the same for all parts of a multi-part message
   that uses the "PART X" Armor Header.  MessageID strings should be
   unique enough that the recipient of the mail can associate all
   the parts of a message with each other.  A good checksum or
   cryptographic hash function is sufficient.

   The MessageID SHOULD NOT appear unless it is in a multi-part
   message.  If it appears at all, it MUST be computed from the
   finished (encrypted, signed, etc.) message in a deterministic
   fashion, rather than contain a purely random value.  This is to
   allow the legitimate recipient to determine that the MessageID
   cannot serve as a covert means of leaking cryptographic key
   information.

 - "Hash", a comma-separated list of hash algorithms used in this
   message.  This is used only in cleartext signed messages.

 - "Charset", a description of the character set that the plaintext
   is in.  Please note that OpenPGP defines text to be in UTF-8.  An
   implementation will get best results by translating into and out
   of UTF-8.  However, there are many instances where this is easier
   said than done.  Also, there are communities of users who have no
   need for UTF-8 because they are all happy with a character set
   like ISO Latin-5 or a Japanese character set.  In such instances,
   an implementation MAY override the UTF-8 default by using this
   header key.  An implementation MAY implement this key and any
   translations it cares to; an implementation MAY ignore it and
   assume all text is UTF-8.
...