GnuPG and trailing whitespace handling
Bodo_Moeller at public.uni-hamburg.de
Fri Sep 10 03:10:41 CEST 1999
When creating text-mode signatures, gpg 1.0.0 ignores trailing
whitespace, as RFC 2440 requests.
However, when _verifying_ text-mode signatures, gpg 1.0.0 does *not*
ignore trailing whitespace, which makes it incompatible to itself!
This problem can be noticed only for detached signatures, because
otherwise the spaces are actually removed from the message.
For detached signatures, you have to remove spaces manually to verify
I think this was correct in some earlier versions, but the
compatibility hacks seem to have introduced this bug. (PGP versions
up to [at least] 6.0.2 don't handle trailing blanks correctly, they
trim whitespace only for clearsigned messages [also they remove only
spaces, not tabs]; so the verification procedure according to RFC 2440
will often determine that a signature is bad when in fact it is a
"good" PGP signature, but on data with too much whitespace in it.)
More information about the Gnupg-devel