Missing 'END PGP MESSAGE' not detected
dshaw at jabberwocky.com
Wed Jan 19 19:32:00 CET 2011
On Jan 19, 2011, at 1:20 PM, Werner Koch wrote:
> On Wed, 19 Jan 2011 17:46, dshaw at jabberwocky.com said:
>> Not really (or at least, not within GnuPG). The thing is, it doesn't
>> really matter in practice. OpenPGP has its own corruption detection
>> called a MDC, that applies even if part of the armor (the "END PGP
>> MESSAGE") is missing. A truncated message won't decrypt.
> In addition all armored PGP messages use CRC for the armor. GPG
> complains about a missing or invalid CRC (unless option
> --ignore-crc-error) is used. In such a case the return code will always
> be nonzero.
If I remember correctly, GPG only complains for invalid CRC. A missing CRC is legal, as the CRC is a MAY.
More information about the Gnupg-users