bad signature on clear signing

Tenui tenui@ifrance.com
Sun Dec 15 00:08:02 2002


--=====================_8685298==_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

On Sat, 14 Dec 2002 01:49:31 +0100 Ingo Kl=F6cker=
 <ingo.kloecker@epost.de>wrote:

>BTW, to find the differences between the messages you should use a
>hex-viewer.

Thanks for the tip, Ingo. The hexdump shows that somewhere between the=
 Outbox and the recipient four extra bytes are added to the clear-signed=
 message (see the attached file). The extra bytes are
added to the hash and the version information.

The signature checks out good in the current window of the mailer before=
 sending, also in the
Outbox before and after sending. Also if I save the signed message as a text=
 file and send it as an=20
attachment, the signature is good.

Cheers

--=20
Tenui
PGP key: http://www.tenui.tk/keys/0x4E19C1FF.asc
3A6F F173 43E5 6DC4 48BA FF96 0FB9 7EF0 4E19 C1FF=20
--=====================_8685298==_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="Re bad signature on clear signing.txt"

The mail programs Eudora 5.2 and Outlook Express 6 are both adding
two extra bytes =93Od 0a=94 in line 00002d and line 0000b4

000000  2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 47 50 20  -----BEGIN PGP=20
00000f  53 49 47 4e 45 44 20 4d 45 53 53 41 47 45 2d  SIGNED MESSAGE-
00001e  2d 2d 2d 2d 0d 0a 48 61 73 68 3a 20 53 48 41  ----..Hash: SHA
00002d  31 0d 0a 0d 0a 0d 0a 74 65 73 74 69 6e 67 20  1......testing=20
00003c  31 20 0d 0a 74 65 73 74 69 6e 67 20 32 20 20  1 ..testing 2 =20
00004b  0d 0a 74 65 73 74 69 6e 67 20 33 20 20 20 0d  ..testing 3   .
00005a  0a 2d 20 2d 2d 20 65 6e 64 0d 0a 2d 2d 2d 2d  .- -- end..----
000069  2d 42 45 47 49 4e 20 50 47 50 20 53 49 47 4e  -BEGIN PGP SIGN
000078  41 54 55 52 45 2d 2d 2d 2d 2d 0d 0a 56 65 72  ATURE-----..Ver
000087  73 69 6f 6e 3a 20 47 6e 75 50 47 20 76 31 2e  sion: GnuPG v1.
000096  32 2e 31 2d 6e 72 31 20 28 57 69 6e 64 6f 77  2.1-nr1 (Window
0000a5  73 20 32 30 30 30 29 20 2d 20 47 50 47 73 68  s 2000) - GPGsh
0000b4  65 6c 6c 20 76 32 2e 36 35 0d 0a 0d 0a 0d 0a  ell v2.65......
0000c3  69 44 38 44 42 51 45 39 2b 73 32 67 44 37 6c  iD8DBQE9+s2gD7l

--=====================_8685298==_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="Re bad signature on clear signing.txt"

The mail programs Eudora 5.2 and Outlook Express 6 are both adding
two extra bytes =93Od 0a=94 in line 00002d and line 0000b4

000000  2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 47 50 20  -----BEGIN PGP=20
00000f  53 49 47 4e 45 44 20 4d 45 53 53 41 47 45 2d  SIGNED MESSAGE-
00001e  2d 2d 2d 2d 0d 0a 48 61 73 68 3a 20 53 48 41  ----..Hash: SHA
00002d  31 0d 0a 0d 0a 0d 0a 74 65 73 74 69 6e 67 20  1......testing=20
00003c  31 20 0d 0a 74 65 73 74 69 6e 67 20 32 20 20  1 ..testing 2 =20
00004b  0d 0a 74 65 73 74 69 6e 67 20 33 20 20 20 0d  ..testing 3   .
00005a  0a 2d 20 2d 2d 20 65 6e 64 0d 0a 2d 2d 2d 2d  .- -- end..----
000069  2d 42 45 47 49 4e 20 50 47 50 20 53 49 47 4e  -BEGIN PGP SIGN
000078  41 54 55 52 45 2d 2d 2d 2d 2d 0d 0a 56 65 72  ATURE-----..Ver
000087  73 69 6f 6e 3a 20 47 6e 75 50 47 20 76 31 2e  sion: GnuPG v1.
000096  32 2e 31 2d 6e 72 31 20 28 57 69 6e 64 6f 77  2.1-nr1 (Window
0000a5  73 20 32 30 30 30 29 20 2d 20 47 50 47 73 68  s 2000) - GPGsh
0000b4  65 6c 6c 20 76 32 2e 36 35 0d 0a 0d 0a 0d 0a  ell v2.65......
0000c3  69 44 38 44 42 51 45 39 2b 73 32 67 44 37 6c  iD8DBQE9+s2gD7l

--=====================_8685298==_--