You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PGP Dash-Escaped Text is still parsed for the PGP signature. Note that the File Format Description and ABNF Grammar of RFC 9116 explicitly only allows - in the cleartext part, not the signature. Specific problematic code that currently only checks if it's signed and not still reading the hash-header:
Solution would be some cleartext variable to be set and reset per line if - is parsed, not to parse - -----END PGP SIGNATURE----- as valid, which is currently the case. There seems to be no need to ever use - escaping in sectxt, since all lined should either start with a field name or # comment. Probably it is there to be compatible with other PGP tooling.
The text was updated successfully, but these errors were encountered:
With the new release a pgp formatter checker is added using the PGPy module which checks the OpenPGP message specification in accordance with RFC 4880.
A dash escape within the signature will result in a pgp_data_error
PGP Dash-Escaped Text is still parsed for the PGP signature. Note that the File Format Description and ABNF Grammar of RFC 9116 explicitly only allows
-
in thecleartext
part, not thesignature
. Specific problematic code that currently only checks if it's signed and not still reading thehash-header
:sectxt/sectxt/__init__.py
Lines 135 to 137 in 79bb386
Solution would be some
cleartext
variable to be set and reset per line if-
is parsed, not to parse- -----END PGP SIGNATURE-----
as valid, which is currently the case. There seems to be no need to ever use-
escaping in sectxt, since all lined should either start with a field name or#
comment. Probably it is there to be compatible with other PGP tooling.The text was updated successfully, but these errors were encountered: