Sign function incorrectly strips one trailing CRLF

isislovecruft / python-gnupg

A modified version of python-gnupg, including security patches, extensive documentation, and extra features.

Other

426 stars 171 forks source link

Sign function incorrectly strips one trailing CRLF #286

Open Avamander opened 1 year ago

Avamander commented 1 year ago

When trying to generate a valid signature according to RFC3156 I stumbled upon the fact that the last \r\n of the bytes given to sign are stripped.

Example:

text = "example text\r\n".encode()
signature = sign(text)
assert verify(signature, text) == True

> AssertionError

Workaround:

text = "example text\r\n".encode()
signature = sign(text + "\r\n".encode())
assert verify(signature, text) == True