gnu-arch-users

Re: [Gnu-arch-users] signatures and checking


From: Johannes Berg
Subject: Re: [Gnu-arch-users] signatures and checking
Date: Tue, 27 Jan 2004 16:37:44 +0100

--------- Original Message --------
From: Tom Lord <address@hidden>
To: address@hidden <address@hidden>
Cc: address@hidden
Subject: Re: [Gnu-arch-users] signatures and checking
Date: 27/01/04 15:30

>> There's a patch to do most of this, and to use gpg to extract
>> the data.  I've yet to review it.

I wrote that patch. It basically takes (I hope) the output of the checking
rule (don't use --verify for gpg then!) to be the checksum data, or the
complete file if no checking rule exists.


> Under what conditions?  We're throwing a pretty conservative syntax at it.

Here's the relevant part of the RFC (2440)

Dash escaped cleartext is the ordinary cleartext where every line
starting with a dash '-' (0x2D) is prefixed by the sequence dash '-'
(0x2D) and space ' ' (0x20). This prevents the parser from
recognizing armor headers of the cleartext itself. The message digest
is computed using the cleartext itself, not the dash escaped form.

As with binary signatures on text documents, a cleartext signature is
calculated on the text using canonical <CR><LF> line endings.  The
line ending (i.e. the <CR><LF>) before the '-----BEGIN PGP
SIGNATURE-----' line that terminates the signed text is not
considered part of the signed text.

Also, any trailing whitespace (spaces, and tabs, 0x09) at the end of
any line is ignored when the cleartext signature is calculated.

Therefore, we're safe unless we
a) depend on space (tla doesn't afaik)
b) create lines starting with "-" (neither does it do this).

Therefore, the approach I outlined above (and implemented in my patch
barring errors for unsigned archives which I forgot to test) should work at
least with gpg.

Bottom line: I think it's sufficient to handle it in a way my patch does.

johannes
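
The two conditions in the message above, worked through as an added Python example (not part of the original message or of the patch it describes): it applies and undoes the dash escaping quoted from RFC 2440 and shows that trailing whitespace does not change the text the signature covers. All function names are hypothetical, the checksum lines and armor framing are constructed, and SHA-256 is an assumed digest used only to compare canonical text.

```python
import hashlib

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"

def dash_escape(text):
    """Prefix each line that starts with '-' with '- ' (the RFC's dash escaping)."""
    return "\n".join("- " + l if l.startswith("-") else l for l in text.split("\n"))

def build_armored(text):
    """Constructed cleartext framing; the signature body is a placeholder, not a real one."""
    return "\n".join([BEGIN_MSG, "Hash: SHA256", "", dash_escape(text),
                      BEGIN_SIG, "", "PLACEHOLDER-NOT-A-SIGNATURE",
                      "-----END PGP SIGNATURE-----"])

def extract_cleartext(armored):
    """Return the signed text with dash escaping undone."""
    lines = armored.split("\n")
    body_start = lines.index("", lines.index(BEGIN_MSG) + 1) + 1  # skip armor headers
    # An escaped copy of the marker inside the text reads "- -----BEGIN ...", so
    # the first exact match is the real end of the signed text.
    end = lines.index(BEGIN_SIG, body_start)
    return "\n".join(l[2:] if l.startswith("- ") else l for l in lines[body_start:end])

def signed_form(text):
    """Text as the signature sees it: trailing spaces/tabs dropped, <CR><LF> endings."""
    lines = text.replace("\r\n", "\n").split("\n")
    return "\r\n".join(l.rstrip(" \t") for l in lines).encode()

def text_digest(text):
    """Digest of the canonical text only (a real OpenPGP hash also covers signature fields)."""
    return hashlib.sha256(signed_form(text)).hexdigest()

def verbatim_safe(text):
    """Conditions (a) and (b) from the message: no trailing whitespace, no leading '-'."""
    return all(l == l.rstrip(" \t") and not l.startswith("-") for l in text.split("\n"))

if __name__ == "__main__":
    checksums = "md5 file-a 0123abcd\nsha1 file-a 4567ef01"  # constructed sample data
    print(verbatim_safe(checksums), extract_cleartext(build_armored(checksums)) == checksums)
    print(text_digest("md5 file-a 0123abcd") == text_digest("md5 file-a 0123abcd \t"))
```

Data for which `verbatim_safe` is false still round-trips through `extract_cleartext`, but a reader that takes the armored body literally, or that depends on trailing whitespace, would see something other than what was signed.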




