gpg --decrypt strips space (but not CR) from clearsigned text

David Shaw dshaw at
Fri Jul 11 02:22:09 CEST 2008

On Jul 10, 2008, at 7:06 AM, Brian Candler wrote:

> (gpg version 1.4.6, Ubuntu 8.06)
> When I generate a clearsigned document, the signature is insensitive  
> to
> adding extra spaces, tabs or CR (0x0D) to the end of each line. This  
> is all
> fine and in accordance with RFC 2440.
> The clearsigned document retains the extra spaces, tabs and CRs  
> exactly as
> they were in the source document.
> However, if I pass this clearsigned document to "gpg --decrypt" and  
> redirect
> stdout to a file, I find that the extra spaces and tabs are stripped,
> although a trailing CR is retained.

This is correct, and is as per the standard.  Section 7 of RFC-4880:  
"Note that this framework is not intended to be reversible."

Note that the trailing CR is not actually retained.  Rather, the end- 
of-line marker is made to be correct for your platform.  Depending on  
that platform it might be a CR, a LF, or a CRLF.

The only way to get out byte-for-byte exactly what you put in is a  
regular, non-clearsigned, non-textmode, signature.


More information about the Gnupg-devel mailing list