Cleartext signing with CR character.

David Shaw dshaw at jabberwocky.com
Wed Feb 5 07:02:34 CET 2014


On Feb 4, 2014, at 5:57 PM, alex <abc3def at gmail.com> wrote:

> Hello.
> 
> I am trying to generate a cleartext signed message using BouncyCastle. And I validate results using GnuPGP. I have a problem with CR (\r) characters.
> 
> The data on input
>     "A\rB" 
> 
> I write such text into cleartext section
>     "-----BEGIN PGP SIGNED MESSAGE-----\r\n"
>     "Hash: SHA1\r\n"
>     "A\rB\r\n" 
>     "-----BEGIN PGP SIGNATURE-----\r\n"
>     
> Then I compute signature from string
>     "A\rB"
> 	
> and write the remaining of the "PGP SIGNATURE" section...
>     
> Then I try to validate result message using 
>     "gpg2 --verify 01.asc" 
>     
> but I get this error:
>     "BAD signature" 
> 
> 	
> The main question that I have is: "If I ask GnuPGP to sign/verify "A\rB" text, what bytes will it send to signature generator?"

Have you tried "A\r\nB" ?

This is the standard canonicalization of text in OpenPGP where line endings are converted to CRLF.  Signatures for clearsigned documents are sigclass 0x01, so are canonicalized.

David




More information about the Gnupg-devel mailing list