diff --git a/examples/clearsign.php b/examples/clearsign.php index ead57e0..686af02 100644 --- a/examples/clearsign.php +++ b/examples/clearsign.php @@ -7,8 +7,11 @@ require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php'; $wkey = OpenPGP_Message::parse(file_get_contents('php://stdin')); $wkey = $wkey[0]; +$string = "This\nis\na\ntest."; + /* Create a new literal data packet */ -$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt')); +$data = new OpenPGP_LiteralDataPacket($string, array('format' => 'u', 'filename' => 'stuff.txt')); +$data->normalize(true); // Clearsign-style normalization of the LiteralDataPacket /* Create a signer from the key */ $sign = new OpenPGP_Crypt_RSA($wkey); @@ -19,6 +22,9 @@ $m = $sign->sign($data); /* Generate clearsigned data */ $packets = $m->signatures()[0]; echo "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n"; +// Output normalised data. You could convert line endings here +// without breaking the signature, but do not add any +// trailing whitespace to lines. echo preg_replace("/^-/", "- -", $packets[0]->data)."\n"; echo OpenPGP::enarmor($packets[1][0]->to_bytes(), "PGP SIGNATURE"); diff --git a/lib/openpgp.php b/lib/openpgp.php index b8e1565..43a8f0f 100644 --- a/lib/openpgp.php +++ b/lib/openpgp.php @@ -1702,10 +1702,19 @@ class OpenPGP_LiteralDataPacket extends OpenPGP_Packet { $this->timestamp = isset($opt['timestamp']) ? $opt['timestamp'] : time(); } - function normalize() { + function normalize($clearsign=false) { + if($clearsign && ($this->format != 'u' && $this->format != 't')) { + $this->format = 'u'; // Clearsign must be text + } + if($this->format == 'u' || $this->format == 't') { // Normalize line endings $this->data = str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", $this->data))); } + + if($clearsign) { + // When clearsigning, do not sign over trailing whitespace + $this->data = preg_replace('/\s+\r/', "\r", $this->data); + } } function read() {