one-pass signature packet "nested" flag
RFC 4880 describes the last field in a v3 OPS as:
- A one-octet number holding a flag showing whether the signature is nested. A zero value indicates that the next packet is another One-Pass Signature packet that describes another signature to be applied to the same message data.
I suspect some implementations ignore this flag, and just make decisions on the basis of the tag of the next packet. Other implementations may be stricter about requiring this flag to be set correctly.
A good test would have valid signing keys, and have several sequences of signatures. `OPSv3/0` means the final flag octet is set to zero, and `OPSv3/1` means it is set to 1, etc. `LD` means Literal Data packet. Here are some interesting sequences:
- `OPSv3/1` `LD` `Sigv4` (base case)
- `OPSv3/0` `LD` `Sigv4` (wrong flag)
- `OPSv3/23` `LD` `Sigv4` (unusual flag)
- `OPSv3/0` `OPSv3/1` `LD` `Sigv4` `Sigv4` (base case for dual sigs)
- `OPSv3/0` `OPSv3/0` `LD` `Sigv4` `Sigv4` (dual sigs, wrong tail)
- `OPSv3/1` `OPSv3/1` `LD` `Sigv4` `Sigv4` (dual sigs, wrong head)
- `OPSv3/1` `OPSv3/0` `LD` `Sigv4` `Sigv4` (dual sigs, inverted flags)
- `OPSv3/0` `OPSv3/23` `LD` `Sigv4` `Sigv4` (dual sigs, unusual flag)
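
An added example, not part of the original issue or of any implementation's code: a Python sketch that walks a packet sequence and reports each OPS v3 packet whose final octet disagrees with the tag of the packet that follows it. The helper names and sample packets are constructed placeholders (no real keys or signatures), and treating values other than 0 and 1 as "unusual" is an assumption taken from the labels above.

```python
OPS, LITERAL, SIG = 4, 11, 2  # RFC 4880 packet tags

def packets(data):
    """Yield (tag, body) per packet; definite lengths only."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if (hdr & 0xC0) == 0xC0:  # new-format header
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                width, base = 0, first
            elif first < 224:
                width, base = 1, ((first - 192) << 8) + 192
            elif first == 255:
                width, base = 4, 0
            else:
                raise ValueError("partial body length not handled")
        elif (hdr & 0x80) and (hdr & 3) != 3:  # old-format header
            tag, width, base = (hdr >> 2) & 0x0F, 1 << (hdr & 3), 0
        else:
            raise ValueError("unsupported packet header")
        n = base + int.from_bytes(data[i:i + width], "big")
        i += width
        if i + n > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + n]
        i += n

def check_nested_flags(data):
    """List (index, flag, reason) for OPS v3 flags that look wrong."""
    pkts, findings = list(packets(data)), []
    for idx, (tag, body) in enumerate(pkts):
        if tag != OPS or len(body) != 13 or body[0] != 3:
            continue
        flag = body[12]  # last octet of the 13-octet v3 OPS body
        next_is_ops = idx + 1 < len(pkts) and pkts[idx + 1][0] == OPS
        if flag > 1:
            findings.append((idx, flag, "unusual flag"))
        elif (flag == 0) != next_is_ops:
            findings.append((idx, flag, "flag disagrees with next packet"))
    return findings

# Constructed sample packets (placeholder bodies, not real signatures).
def pkt(tag, body):
    return bytes([0xC0 | tag, len(body)]) + body
def ops(flag):  # v3, binary sig type, hash 8, pubkey algo 1, zero key ID
    return pkt(OPS, bytes([3, 0, 8, 1]) + bytes(8) + bytes([flag]))
LD = pkt(LITERAL, b"b\x00" + bytes(4) + b"hi")
SIG4 = pkt(SIG, b"\x04")
```

Calling `check_nested_flags(ops(0) + ops(0) + LD + SIG4 + SIG4)` flags only the second OPS, which is the "dual sigs, wrong tail" case.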