On Fri, 2 Feb 2007 13:33, [EMAIL PROTECTED] said: > I have a question related to clear signing. As per the standard(rfc > 2440), a signature of type 'Canonical text document' should be generated > after removing any trailing spaces and making the line endings as '\r > \n'. Is this the case with clear text signatures generated by gpg?
Yes, we don't include trailing ASCII spaces, tabs, CR and the LF when calculating the hast of a clear signed message. The constant string of a CR and a LF is then hashed. Note, that this is different from regular signatures created in textmode - the story behind them is more complicate. > Also, when i generate a signature(actually, i am signing and encrypting) > for some data that doesn't contain a newline at the end, gpg inserts one > at the end. > Will this last new line considered a part of the signed data? No the last line feed is not part of the signature. See the code in g10/textfilter.c. To avoid interpretation problems gpg always ends alinefeed to a message which does not end in one. A clear signed message is intended for human consumption and should not be used if you need to be sure that the verbatim text gets signed. Salam-Shalom, Werner _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
