New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Drop support for verification of detached cleartext signatures #1265
Conversation
Hello - is there an issue associated that clarifies this change? This seems like something we have a usecase for, but I may have missed something. |
I'll add details later |
For additional context, in OpenPGP.js v3, if you did: await openpgp.sign({
data: 'test ',
privateKeys,
detached: true
}); then it would internally construct a cleartext message, and detached-sign it. Logically speaking, this doesn't make much sense, since a detached cleartext signature doesn't exist, it's just a detached signature. Practically speaking, it doesn't much matter; the only difference between a cleartext signature and a normal signature is that for the former, we strip trailing spaces from each line (the spec requires this for cleartext signatures, but not for detached signatures - or text signatures in general). In OpenPGP.js v4, we switched to passing messages instead of data (this was necessary for streaming support, since when passing a stream, it's not obvious whether it contains text or binary data, hence the await openpgp.sign({
message: openpgp.cleartext.fromText('test '),
privateKeys,
detached: true
}); (if you wanted to keep the same behavior of removing trailing spaces - otherwise, In OpenPGP.js v5, to keep the same behavior, you'll have to do: await openpgp.sign({
message: openpgp.Message.fromText(removeTrailingSpaces('test ')),
privateKeys,
detached: true
}); (with This is more verbose, but at least now it's obvious what's going on. In principle, we'd prefer people just use The above change has already been done in the v5 branch, this PR does the same for |
6ee7610
to
fca2daf
Compare
For posterity: the original example code was unfortunately not quite complete in all cases. I've updated the PR description above with code examples and an explanation of the cases in which it's needed. For additional details, read on: Creating a cleartext message also normalized the newlines to Unfortunately, the behavior prior to v3.0.9 was again different. Prior to that version, OpenPGP.js would also remove trailing spaces in lines with All of this is mostly only relevant for PGP/MIME signatures, which should have trailing spaces stripped and newlines normalized to Apologies for the confusion! (The reason we went to all this trouble, though, and the main advantage of having all this logic spelled out in the application, rather than hidden away in OpenPGP.js, is that this logic cleanly maps from the PGP/MIME specification, RFC 3156, which is separate from the OpenPGP specification, and having this logic in the application makes it easier to verify that the application matches the behavior required for its specific use-case.) |
When verifying cleartext messages, it is no longer possible to pass the signature separately -- this is because a cleartext message in itself should include the signature.
In the past, we allowed to detach-sign a cleartext message, so we have kept supporting verifying detached cleartext signatures up until now. However, the concept of "detached cleartext signature" does not make sense.
In practice, given a signed cleartext message:
it should be verified as:
With this PR, the following is no longer supported:
if you have a detached signature over some cleartext data (generated using previous versions of OpenPGP.js), you can still verify it by passing a
Message
generated from the text data, with trailing spaces removed:(with
removeTrailingSpaces
copied from here, for example).Update from the future: detached cleartext signatures containing trailing whitespace followed by
\r\n
line endings are affected by the normalization issue fixed in #1548, asopenpgp.CleartextMessage.fromText('...')
would incorrectly normalize some data since v3.0.9. To verify a detached text signature generated prior to OpenPGP.js v3.0.9, use the version ofremoveTrailingSpaces
from here, instead.Another update from the future: when verifying binary signatures over text data (generated by other OpenPGP implementations - OpenPGP.js always generates text signatures over text data), the above is still not quite complete. Creating a cleartext message object would also normalize the newlines to
\r\n
. Hence, if there's a chance that the text was changed from\r\n
to\n
newlines during transport (after signing but before verification), the newlines need to be normalized back to\r\n
manually. Here's a full example using OpenPGP.js v5 to verify such a signature: