Invalid signature if messages contain long lines starting with '-'
OpenPGP addon for Mozilla Thunderbird
Brought to you by:
pbrunschwig
Menu
▾
▴
#3 Invalid signature if messages contain long lines starting with '-'
fixed
None
1.4.1
Minor
All
1.8.0
nobody
2014-09-11
2012-08-05
No
Bug 4251 migrated from Mozdev.org
A long line (i.e. longer than the line wrapping value) consisting of dashes "-"
is translated in "- next line long line with dashes" thus giving a bad
signature. Using PGP/MIME doesn't give any problem at all.
It is confirmed that this problem only appears in connection with the dash
character (-) and long lines and without using PGP/MIME.
------- Comment #1 From Patrick Brunschwig 2005-04-14 07:06:43 [reply] -------
*** Bug 9829 has been marked as a duplicate of this bug. ***
------- Comment #2 From Patrick Brunschwig 2005-04-14 07:07:40 [reply] -------
see bug 9829 for more examples that can break the signature validity.
------- Comment #3 From George 2008-03-12 17:55:59 [reply] -------
I get bad signature verification failures on any email with a line that is too
long.
------- Comment #4 From Klaus Ramstöck 2009-01-29 06:27:23 [reply] -------
I'm using Thunderbird 2.0.0.19 and enigmail 0.95.7 and I have the same problem
------- Comment #5 From Olav Seyfarth 2010-06-16 04:21:22 [reply] -------
Issue still there in Enigmail 1.1 with Thunderbird 3.1
Related
Diff:
Behaviour has changed, but is not good either: gpg complains about "bad armor" at verification:
gpg: Ungültige mit Bindestrich "escapte" Zeile:
-------------------------------------------------------------------------------------------------------\n
gpg: Unerwartete ASCII-Hülle:
-----BEGIN PGP SIGNATURE-----\n
[GNUPG:] BADARMOR
gpg: Ungültige ASCII-Hülle
Maybe we should check line length(s) after rewrapping. If still longer than $LIMIT, we should hard break the line(s) at $LIMIT until they are shorter before feeding it to gpg.
Line wrapping has been improved, and a dialog lets the user now choose between various options.