Using digital signature to secure QR code

Question

I was looking for something like "inverted asymmetric cryptography" and came across a great post, which actually covers what I need.

I want every user of my application has a public key allowing them to decrypt the message hidden in QR code which was encrypted with my private key. I want to make sure my system cannot be deceived by a fake QR code covering mine. Accepted answer suggests using digital signature so I googled Java tutorial, showing how to use that feature.

Here comes a little misunderstanting. I thought that using a digital signature, there would be a simple situation (let's call it a Situation A):

1. Message is encrypted with private key
2. User reads encrypted message
3. User uses the public key to decrypt message.

However, my understanding is the digital signature works more like:

1. A digital signature is created using the private key and the message.
2. User needs the original message and the signature file.
3. User uses the digital signature to verify the message wasn't changed and comes from me.

Am I right here? If so, how can I put both my message and signature in a QR code? Things seemed pretty easy in case of Situation A as I simply could encode the encrypted message using Base64 and put the result in the QR code. However, it looks like I can't do the same thing without using tricks like encode message, encode signature, put them in one file, encode it, put the result in the code. How can I do so then?

Oh, there is also an answer from question "QR code security" saying:

You can put anything you want in a QR code, including Base-64 encoded bytes representing a signed document. No reader will know what to do with it; you'd have to write a custom app that scans and then knows to decode it and act accordingly.

According to the tutorial mentioned earlier it looks like the signed document itself is not enough though.

Answer 1

When I asked this question, I assumed there is some kind of good habit or something similar. Since there is not one provided, I decided to use my own solution, a little similar to DarkSquirrel42's suggestion.

I created my own encoder and decoder. Actually, I used exactly the same trick I described in my original post.

1. Sign my message
2. Encode both message and the signature using base64

3. Combine both strings in one string like this

   base64(message)-base64(signature)
   

4. Base64() the String above like this:

   base64(base64(message)-base64(signature))
   

5. Put that encoded string in a QR code.

6. My decoder - I decode first layer of base64, split the result string on message and signature parts (that's why there is a hyphen in 3.) and then I pass the message to an appropriate handler if the signature is correct.