It is possible (so far, [afaik], only for messages done in PGP 2.x) to
separate a signed and encrypted message,
and reconstruct it so that it appears as a clearsigned message,
and verifies as if it were one.
This was originally described by David Hopkins,
in a post to comp.security.pgp.discuss
on Nov./5/2000
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=utf-8&frame=right&th=4a9bf22bdd6e6d76&seekm=qhMN5.48957%2478.15342229%40news3.rdc1.on.home.com#link1
Here is the sequence,
with example messages encrypted to 'receiver', signed by 'sender',
and then separated and reconstructed into
a clearsigned message signed by 'sender'.
{the keypairs for 'sender' and 'receiver' are here:
https://www.angelfire.com/pr/pgpf/sark.html }
(a) the original message is signed and encrypted in PGP 2.6.3 multi 6, as follows:
pgp -seat d:\1cs2.txt -u sender receiver -jpjd
(b) the resulting PGP message, 1cs2.asc , is here:
-----BEGIN PGP MESSAGE-----
Version: PGP 2.6.3ia-multi06 (http://disastry.dhs.org/pgp/)
Comment: signed by Sender, encrypted to Receiver
hQEMA5GKt1Yw9C+pAQf6AnQ9l9siHWKItUlpYYQqFRdbmeWaBPK7aoUb/OAOFAHR
tvaM6lrJi+ayVb8KT0AsNKSR0XUzSkdI8qx+2HhpWO01vNRBYUpMJ5iTkNMi1kpX
yn84h4F23QIepMMIIFVRh4RhejSIgffGzqSOF1XGbht3LqfcFAwwMdIwSBIBFyH+
/afMJW61HxpeR+eZWJ45eCxno9P3d6GGZHX8BMYxBQJl7hs0aE1EiZikyYy3OSzg
9dqH7E09Ipqls1uIEKF2fHm5hA3BRmFq+s8U3D4EmBzXMsHeTTBsXMAjSvpDj/gn
4r1wqg6NedUGY8JuyD9Gg5IDrV6kY6fdA+JWRQuC0qYAAAFa24wR/q3nCxgtNVL2
buRF9+L3hgd0QzlpalfLG2yYFkHrIhqvqvuOGWXVh9QwaCPqt471coLSzjz1bjCH
GuFQrQJnRrFu4GXCTO4E5pjpcxoS1XdDjyTWaKUTQKP1rNucOMG17E3TbX3EigfQ
EUpYLWgmmARy/SLFptF4xD0A/77YlIPvQ2gR7991QteuQ6EZRRU9IStDAa/BOl3W
bYfvhD0W4M9j+ur9IFwcUTxv40beF8cCxFni280Gza6M7Z6IzQePShQNO5fRq5IN
XQc7cw3L0b/Kfvs5PRFSlJYMnElJ3BvcGlwpd08fiIqSBIykSg4DFAm5A9xHcSiP
TXbCeY1hUALX6caqbsknQlsn2YXGOa5rYE0gPSQCq7gCmAwVPRLXad8ZZoSD3eiD
4Jq5O7UHJcb2IV8mn+eZ1HkLjHd0Thgc5GvJl4PvcsDhi67rukZlZpqcy47WBw==
=R1XR
-----END PGP MESSAGE-----
(c) the command: pgp -b d:\1cs2.asc
results (after the passphrase is entered) in two files:
(i) d:\1cs2 (this is the plaintext of the message, openable in notepad)
(ii) d:\1cs2.sig (the separated signature from the signed and encrypted message)
(d) the command : pgp -a d:\1cs2.sig
results in an armored free-standing signature (renamed as d:\1cs2sgsp.asc , in order not to overwrite the original signed and encrypted file) :
-----BEGIN PGP MESSAGE-----
Version: PGP 2.6.3ia-multi06 (http://disastry.dhs.org/pgp/)
Comment: Acts of Kindness better the World, and protect the Soul
iQEVAwUBP0Jn2IFBKc5ib0sNAQMoQwf+ICwxR3rJieGbm6UHn//Ek7VQ0LEUq9hI
dq1h3WiLfUOvNg+U9OpLmBCTh7Uvwo7kTulhZ4CrjwVDjNfnRN7VWImlIZ/kXZO8
sRmLUn61eRCZUwlm2fEq6+Pk/FSV4yUXQU+MKDtc76V5EPlv6yCFQPhDt9EQW+X+
r6gCAFzLu0LWKLeMXXrT8sTNzoHfso28/h7vxjhKHOM4Oq2Rrk50fMWHtUO/Lcgb
zFvIkUJp7xYyqrxVCV9j4Wemgkkwaf0ifKoV5mUmYYgkMq/BM0kAzTEteCcEHlRU
yEZ2hIbLANpt+ql+lyCKiWJ8a/RNUSAxg7xvmR84uh70gXrsk+j80A==
=Fra8
-----END PGP MESSAGE-----
(e) create a reference clearsigned text as a 'template' for the reconstruction:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
reference clearsigned text
-----BEGIN PGP SIGNATURE-----
Version: PGP 2.6.3ia-multi06 (http://disastry.dhs.org/pgp/)
Comment: Acts of Kindness better the World, and protect the Soul
iQEVAwUBP0Pg94FBKc5ib0sNAQPJBAgAlj1VDpzhpT7b/0LLYa3mUfkxX3XJO0me
SL6CvhIzvYjmyb2zoVoXQu2Ai+g7vnRwQQXfjtktemEmqB2e/axgrht8szKiK6XO
9DoZaJnOJ3niJTTwwTBGbHLOdzVRqYk5OqLZFcaN28KZ2EtKzcwWLZ1CQflrnHqC
DUU4oLfugUe21cDUZqr8krmoBqatotaLvT2xlZj5DbI5RXkW6KAfl+/m5cy8lcf5
KMcrHUJkcDqCtbbmsdClFXOn1W9yqW5TG4TJw+/bQP3+ikbOcjOh2zxmRjHnsN9I
JR+84cAyiLtwV1JZGVcvLKxtwUMeZ3oAEj8J0S7io+0PC74xxsPNIw==
=q0zj
-----END PGP SIGNATURE-----
(f) (i) replace the plaintext in the reference template message, with the plaintext from d:\cst2
(ii) replace the signature block of the template message, with the signature block from d:\cst2sgsp.asc,
leaving the header and footer of the template signature block unchanged,
resulting in the following composite reconstruction:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
clearsigned separation test
-----BEGIN PGP SIGNATURE-----
Version: PGP 2.6.3ia-multi06 (http://disastry.dhs.org/pgp/)
Comment: Acts of Kindness better the World, and protect the Soul
iQEVAwUBP0Jn2IFBKc5ib0sNAQMoQwf+ICwxR3rJieGbm6UHn//Ek7VQ0LEUq9hI
dq1h3WiLfUOvNg+U9OpLmBCTh7Uvwo7kTulhZ4CrjwVDjNfnRN7VWImlIZ/kXZO8
sRmLUn61eRCZUwlm2fEq6+Pk/FSV4yUXQU+MKDtc76V5EPlv6yCFQPhDt9EQW+X+
r6gCAFzLu0LWKLeMXXrT8sTNzoHfso28/h7vxjhKHOM4Oq2Rrk50fMWHtUO/Lcgb
zFvIkUJp7xYyqrxVCV9j4Wemgkkwaf0ifKoV5mUmYYgkMq/BM0kAzTEteCcEHlRU
yEZ2hIbLANpt+ql+lyCKiWJ8a/RNUSAxg7xvmR84uh70gXrsk+j80A==
=Fra8
-----END PGP SIGNATURE-----
a free-standing verifiable clearsigned message
