gpg --decrypt strips space (but not CR) from clearsigned text

Brian Candler B.Candler at
Fri Jul 11 08:39:58 CEST 2008

On Thu, Jul 10, 2008 at 08:22:09PM -0400, David Shaw wrote:
> This is correct, and is as per the standard.  Section 7 of RFC-4880:  
> "Note that this framework is not intended to be reversible."

True - but I'd argue it's still inconsistent that --clearsign doesn't change
the cleartext, but --decrypt does.

RFC-4880 also says "any trailing whitespace ... is removed when the
cleartext signature is generated". gpg --clearsign doesn't modify the text
body in this way, although it does do it to the version of text body which
goes into the hash calculation of course.

> Note that the trailing CR is not actually retained.  Rather, the end- 
> of-line marker is made to be correct for your platform.  Depending on  
> that platform it might be a CR, a LF, or a CRLF.

That's not the behaviour I observe. For each incoming line, if it ends with
CRLF it is passed through as CRLF; but if it ends with LF only then it is
passed through as LF only.


perl -e 'print "One\nTwo\r\n"' >testfile
gpg --clearsign testfile
gpg --decrypt testfile.asc >testfile2

$ hexdump -C testfile
00000000  4f 6e 65 0a 54 77 6f 0d  0a                       |One.Two..|
                   ^^          ^^^^^^
$ hexdump -C testfile2
00000000  4f 6e 65 0a 54 77 6f 0d  0a                       |One.Two..|
                   ^^          ^^^^^^

I've not tried this with any platform other than Unix however, so perhaps
you observe different behaviour under Windows etc.



More information about the Gnupg-devel mailing list