openpgp: Fix the cleartext signature framework.

Justus Winter requested to merge justus/fix-csf into main
  • Previously, we considered the line break immediately before the signature marker to be part of the signature. This is not correct. See Section 7.1 of RFC4880:
      The line ending (i.e., the <CR><LF>) before the '-----BEGIN PGP
      SIGNATURE-----' line that terminates the signed text is not
      considered part of the signed text.
  • This interpretation allows us to preserve the final newline in the signed text. See sequoia-sop#16 (closed) where dkg requests:
      [...] if a trailing newline goes in, a trailing newline comes
      out.
  • The previous interpretation required very careful handling of the trailing line break, making sure it is not hashed. This was complicated by the fact that line breaks may use two characters, and the two characters may straddle reads/writes. So, this change of interpretation makes the code quite a bit simpler.

  • To clarify, signing the four octet string "test" yields a message looking like

      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA512

      test
      -----BEGIN PGP SIGNATURE-----

      ...
      -----END PGP SIGNATURE-----

    Whereas signing the five octet string "test\n" now yields

      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA512

      test

      -----BEGIN PGP SIGNATURE-----

      ...
      -----END PGP SIGNATURE-----
  • It is worth pointing out that GnuPG does something similar to what we did before: it makes sure any signed text ends in a line break (see copy_clearsig_text), but "swallows" this newline by using it as delimiter between text and signature (see clearsign_file where no explicit newline is emitted before the armor filter is pushed and the signatures are emitted).

    When verifying a message, GnuPG will emit the final line break, being very careful not to hash it (see handle_plaintext).

    The result is that any message signed by GnuPG seems to end in a line break when verified by GnuPG, but will never end in a line break when verified with Sequoia (or any other implementation that considers the signature-separating line break to be not part of the message, like OpenPGP.js). Signature validity is not affected.

Edited by Justus Winter
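The framing behaviour described above, as an added example that is not part of this merge request or of Sequoia's code: a small Python model that builds the cleartext signature framework under both conventions (the strict RFC 4880 reading adopted here, and the GnuPG-style "ensure a newline, then swallow it") and shows which trailing newline survives a sign/verify round trip. It includes RFC 4880 dash-escaping but no hashing or signing; the armored signature block is a constructed placeholder.

```python
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----\n"
END_SIG = "-----END PGP SIGNATURE-----\n"
# Constructed placeholder for the armored signature; nothing is hashed or signed here.
PLACEHOLDER_SIG = BEGIN_SIG + "\n...\n" + END_SIG


def dash_escape(text: str) -> str:
    """RFC 4880 7.1: a line that begins with '-' is prefixed with '- '."""
    return "\n".join("- " + l if l.startswith("-") else l for l in text.split("\n"))


def dash_unescape(text: str) -> str:
    return "\n".join(l[2:] if l.startswith("- ") else l for l in text.split("\n"))


def clearsign(text: str, gnupg_style: bool = False) -> str:
    """Wrap `text` in the cleartext signature framework.

    Sequoia after this change: the line break before the signature marker is
    only a delimiter, never part of the signed text, so it is always emitted.
    GnuPG style (and Sequoia before this change): force the text to end in a
    line break, then let that line break double as the delimiter.
    """
    if gnupg_style:
        if not text.endswith("\n"):
            text += "\n"
        framed = dash_escape(text)         # the text's own final "\n" separates
    else:
        framed = dash_escape(text) + "\n"  # delimiter added unconditionally
    return BEGIN_MSG + "Hash: SHA512\n\n" + framed + PLACEHOLDER_SIG


def signed_text(message: str, gnupg_style: bool = False) -> str:
    """Recover the signed text from a cleartext-signed message.

    Strict reading (Sequoia after this change, OpenPGP.js): the line break in
    front of the signature marker is dropped. GnuPG style: it is handed back.
    """
    start = message.index("\n\n") + 2               # past the Hash headers
    sig = message.index("\n" + BEGIN_SIG, start)    # dash-escaped text cannot match
    return dash_unescape(message[start:(sig + 1 if gnupg_style else sig)])


def round_trip(text: str, signer_gnupg: bool, verifier_gnupg: bool) -> str:
    """Sign with one implementation's convention and verify with another's."""
    return signed_text(clearsign(text, signer_gnupg), verifier_gnupg)
```

`round_trip("test\n", True, False)` reproduces the asymmetry noted above: a GnuPG-signed message verifies to "test\n" in GnuPG but to "test" under the strict reading, while the strict reading alone round-trips both "test" and "test\n" unchanged.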