doubt in clear text signing
Werner Koch
wk at gnupg.org
Fri Feb 2 14:51:02 CET 2007
On Fri, 2 Feb 2007 13:33, sravan at atc.tcs.com said:
> I have a question related to clear signing. As per the standard(rfc
> 2440), a signature of type 'Canonical text document' should be generated
> after removing any trailing spaces and making the line endings as '\r
> \n'. Is this the case with clear text signatures generated by gpg?
Yes, we don't include trailing ASCII spaces, tabs, CR and the LF when
calculating the hast of a clear signed message. The constant string
of a CR and a LF is then hashed. Note, that this is different from
regular signatures created in textmode - the story behind them is more
complicate.
> Also, when i generate a signature(actually, i am signing and encrypting)
> for some data that doesn't contain a newline at the end, gpg inserts one
> at the end.
> Will this last new line considered a part of the signed data?
No the last line feed is not part of the signature. See the code in
g10/textfilter.c. To avoid interpretation problems gpg always ends
alinefeed to a message which does not end in one. A clear signed
message is intended for human consumption and should not be used if
you need to be sure that the verbatim text gets signed.
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list