From 95413cc6edc9e1068c6d985d15202386da67a3fc Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Wed, 27 Jun 2018 15:53:32 +0200
Subject: [PATCH] Fix signatures of messages with leading/trailing whitespace

---
 src/encoding/armor.js      |  8 ++++----
 test/general/openpgp.js    | 18 +++++++++---------
 test/general/testInputs.js |  2 +-
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/encoding/armor.js b/src/encoding/armor.js
index 979e5663..48c3caaa 100644
--- a/src/encoding/armor.js
+++ b/src/encoding/armor.js
@@ -220,13 +220,13 @@ function dearmor(input) {
         while (true) {
           if (resolved) await writer.ready;
           try {
-            let line = await reader.readLine();
-            if (line === undefined) {
+            const lineUntrimmed = await reader.readLine();
+            if (lineUntrimmed === undefined) {
               throw new Error('Misformed armored text');
             }
             // remove trailing whitespace at end of lines
             // remove leading whitespace for compat with older versions of OpenPGP.js
-            line = line.trim();
+            const line = lineUntrimmed.trim();
             if (!type) {
               if (reSplit.test(line)) {
                 type = getType(line);
@@ -248,7 +248,7 @@ function dearmor(input) {
             } else if (!textDone && type === 2) {
               if (!reSplit.test(line)) {
                 // Reverse dash-escaping for msg
-                text.push(line.replace(/^- /, ''));
+                text.push(util.removeTrailingSpaces(lineUntrimmed.replace(/^- /, '').replace(/[\r\n]+$/, '')));
               } else {
                 text = text.join('\r\n');
                 textDone = true;
diff --git a/test/general/openpgp.js b/test/general/openpgp.js
index 28c81987..2a096e4b 100644
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@@ -1550,7 +1550,7 @@ describe('OpenPGP.js public api tests', function() {
             verifyOpt.message = await openpgp.cleartext.readArmored(signed.data);
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.true;
             const signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1575,7 +1575,7 @@ describe('OpenPGP.js public api tests', function() {
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
             let signingKey;
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.true;
             signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1601,7 +1601,7 @@ describe('OpenPGP.js public api tests', function() {
             verifyOpt.signature = await openpgp.signature.readArmored(signed.signature);
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.true;
             const signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1621,7 +1621,7 @@ describe('OpenPGP.js public api tests', function() {
             verifyOpt.message = await openpgp.cleartext.readArmored(signed.data);
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.null;
             const signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1643,7 +1643,7 @@ describe('OpenPGP.js public api tests', function() {
             verifyOpt.signature = await openpgp.signature.readArmored(signed.signature);
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.null;
             const signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1664,7 +1664,7 @@ describe('OpenPGP.js public api tests', function() {
             verifyOpt.message = signed.message;
             return openpgp.verify(verifyOpt);
           }).then(async function (verified) {
-            expect(verified.data).to.equal(plaintext);
+            expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
             expect(verified.signatures[0].valid).to.be.true;
             const signingKey = await privateKey.keys[0].getSigningKey();
             expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
@@ -1688,7 +1688,7 @@ describe('OpenPGP.js public api tests', function() {
                 verifyOpt.signature = signed.signature;
                 return openpgp.verify(verifyOpt);
             }).then(async function (verified) {
-                expect(verified.data).to.equal(plaintext);
+                expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
                 expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+openpgp.util.normalizeDate());
                 expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start);
                 expect(verified.signatures[0].valid).to.be.true;
@@ -1715,7 +1715,7 @@ describe('OpenPGP.js public api tests', function() {
                 verifyOpt.signature = await openpgp.signature.readArmored(signed.signature);
                 return openpgp.verify(verifyOpt).then(function (verified) {
                   expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
-                  expect(verified.data).to.equal(plaintext);
+                  expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
                   expect(verified.signatures[0].valid).to.be.true;
                   expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, past))
                       .to.be.not.null;
@@ -1725,7 +1725,7 @@ describe('OpenPGP.js public api tests', function() {
                   return openpgp.verify(verifyOpt);
                 }).then(function (verified) {
                   expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
-                  expect(verified.data).to.equal(plaintext);
+                  expect(verified.data).to.equal(openpgp.util.removeTrailingSpaces(plaintext));
                   expect(verified.signatures[0].valid).to.be.true;
                   expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, null))
                       .to.be.not.null;
diff --git a/test/general/testInputs.js b/test/general/testInputs.js
index 2aab3b12..dc0dcacd 100644
--- a/test/general/testInputs.js
+++ b/test/general/testInputs.js
@@ -9,7 +9,7 @@ function createSomeMessage(){
         arr.push(String.fromCharCode(
             Math.floor(Math.random() * 10174) + 1));
     }
-    return arr.join('');
+    return arr.join('').replace(/\r/g, '\n');
 }
 
  module.exports = {