doubt in clear text signing

Werner Koch wk at
Fri Feb 2 14:51:02 CET 2007

On Fri,  2 Feb 2007 13:33, sravan at said:

> I have a question related to clear signing. As per the standard(rfc
> 2440), a signature of type 'Canonical text document' should be generated
> after removing any trailing spaces and making the line endings as '\r
> \n'. Is this the case with clear text signatures generated by gpg?

Yes, we don't include trailing ASCII spaces, tabs, CR and the LF when
calculating the hast of a clear signed message.  The constant string
of a CR and a LF is then hashed.  Note, that this is different from
regular signatures created in textmode - the story behind them is more

> Also, when i generate a signature(actually, i am signing and encrypting)
> for some data that doesn't contain a newline at the end, gpg inserts one
> at the end.
> Will this last new line considered a part of the signed data?

No the last line feed is not part of the signature.  See the code in
g10/textfilter.c.  To avoid interpretation problems gpg always ends
alinefeed to a message which does not end in one.  A clear signed
message is intended for human consumption and should not be used if
you need to be sure that the verbatim text gets signed.



More information about the Gnupg-users mailing list