
Cleartext Signatures Considered Harmful

Via Hacker News: Front Page

Posted December 26, 2025 by Werner

Since the very first PGP versions from the early 1990s, PGP and all other implementations have supported a thing called a cleartext signature. It is very likely that you still stumble upon one these days. Here is an example message:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Far out in the uncharted backwaters of the unfashionable end of the western spiral arm of the Galaxy lies a small unregarded yellow sun.
-----BEGIN PGP SIGNATURE-----

iJEEARYKADkWIQSHd0YfKgdOvEgNNZQZzByeCFsQegUCaU5mGhsUgAAAAAAEAA5t
YW51MiwyLjUrMS4xMSwyLDIACgkQGcwcnghbEHq27gEAqE+Cw1FmIlDXyzc1+5K8
3e60/3TjpqpFmkmuot8ZROMBAIrQXMhfN3gr7jdsxLuV1L7+IzHSRyUMlelZSnAs
k+AL
=kCuN
-----END PGP SIGNATURE-----

The benefit of such a cleartext signature is that the signed text is immediately readable without the need for any special tools. If processed with a *PGP tool it is even possible to verify the origin of the text and whether it has been modified. However, the latter is not as easy as one might think. For example, the encoding has some peculiarities, like escaping lines that start with a dash or with the string "From ", but the text is nevertheless still readable. Far worse is that almost all terminal software supports escape codes to do funny things (you likely use them as part of your Unix prompt). Thus naively verifying a signature and assuming that the signed text is what you see on the terminal is wrong. The only way to tell what has been signed is to process the entire message with a *PGP tool, which gives you the actual signed output without any escaping. That output is what needs to be viewed and further processed.
For example, with GnuPG you need to do this:

gpg --verify -o signed.txt message.asc

or

gpgv -o signed.txt message.asc

This takes the entire clearsigned (or standard signed) message, prints a verification status, and puts the signed text into the file signed.txt:

gpg: Signature made Fri 26 Dec 2025 11:40:26 AM CET
gpg:                using EDDSA key 8777461F2A074EBC480D359419CC1C9E085B107A
gpg: Good signature from "wk@gnupg.org" [ultimate]
[...]

If the printed diagnostics show that the signature is good and from a key you trust, you may further process the output as stored in the file signed.txt. If you get verification results for several keys, they all signed the same text.

The second form uses the gpgv tool, which should be used by scripts because it only verifies against keys found in the dedicated files trustedkeys.gpg or trustedkeys.kbx and returns success only if the signatures are good and made by one of those keys. Note that the gpg option --assert-signer can replace the use of the gpgv tool.

Cleartext signatures look easy but are hard to get right. The important point to remember is that you need to know what has been verified by the shown signature. If you want to sign something, please use a detached signature or, for mail, PGP/MIME along with a proper mail client. Except for legacy purposes you should not use cleartext signatures. To verify a detached signature you use one of these commands:

gpg --verify message.sig message.txt
gpgv message.sig message.txt

Thus...
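The two hazards described above, the dash-escaping peculiarities of the cleartext encoding and the gap between what a terminal displays and what was actually signed, as an added example. This is not code from the original post and not GnuPG code: it implements only the cleartext-armor framing of RFC 4880 section 7 (undoing "- " escapes and stripping trailing whitespace, which the signature does not cover) and then scans the recovered text for terminal control characters. It does not verify the signature; that still requires gpg --verify or gpgv as shown above. The sample message, its placeholder signature block and all function names are constructed for this illustration.

```python
"""Extract the text a PGP cleartext signature actually covers and flag
terminal control sequences hidden in it.

Added example for this article; not code from GnuPG or the original post.
Only the cleartext-armor framing of RFC 4880 section 7 is implemented
(dash-escaping, trailing-whitespace stripping). The signature itself is
NOT checked here: that still requires gpg --verify or gpgv.
"""
import re

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

# Everything a terminal may act on instead of printing: C0 controls other
# than TAB and LF (so ESC 0x1b and CR 0x0d are included), DEL, and the C1
# range 0x80-0x9f.
CONTROL_RE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f\x80-\x9f]")


def split_clearsigned(message: str):
    """Return (armor_headers, signed_text, signature_block).

    signed_text is the dash-unescaped body with trailing spaces and tabs
    removed from every line, which is the text the signature covers
    (RFC 4880 7.1); line endings are returned as LF for display.
    Raises ValueError if the cleartext framing is malformed.
    """
    # Split on LF only and drop one trailing CR per line, so a CR embedded
    # in the middle of a line survives to be reported as a control character.
    lines = [l[:-1] if l.endswith("\r") else l for l in message.split("\n")]
    try:
        start = lines.index(BEGIN_SIGNED)
        sig_start = lines.index(BEGIN_SIG, start + 1)
        sig_end = lines.index(END_SIG, sig_start + 1)
    except ValueError as exc:
        raise ValueError("missing cleartext signature framing") from exc

    # Armor headers such as "Hash: SHA512" run up to the first empty line.
    headers = []
    i = start + 1
    while i < sig_start and lines[i] != "":
        headers.append(lines[i])
        i += 1
    if i >= sig_start:
        raise ValueError("no blank line after armor headers")

    body = []
    for line in lines[i + 1:sig_start]:
        # A body line beginning with "-" (and, in GnuPG, with "From ") is
        # written as "- " + line so it cannot be mistaken for an armor
        # boundary or an mbox separator. Undo that, then drop trailing
        # whitespace, which the signature does not cover.
        if line.startswith("- "):
            line = line[2:]
        body.append(line.rstrip(" \t"))
    return headers, "\n".join(body), "\n".join(lines[sig_start:sig_end + 1])


def find_control_sequences(text: str):
    """List (line_number, column, char) for every control character in text."""
    hits = []
    for lineno, line in enumerate(text.split("\n"), 1):
        for m in CONTROL_RE.finditer(line):
            hits.append((lineno, m.start(), m.group()))
    return hits


def safe_render(text: str) -> str:
    """Replace control characters with visible \\xNN escapes for display."""
    return CONTROL_RE.sub(lambda m: "\\x%02x" % ord(m.group()), text)


# Constructed sample. The signature block is a placeholder that will not
# verify; it only exercises the framing parser.
SAMPLE = "\n".join([
    "-----BEGIN PGP SIGNED MESSAGE-----",
    "Hash: SHA512",
    "",
    "Invoice 2025-12   ",                                # trailing spaces are not signed
    "- -- totals follow",                                # dash-escaped "-- totals follow"
    "- From the finance team",                           # GnuPG escapes "From " the same way
    "Amount due: 10 EUR\x1b[2K\rAmount due: 1000 EUR",   # erase line + CR: terminal shows 1000
    "-----BEGIN PGP SIGNATURE-----",
    "",
    "cGxhY2Vob2xkZXItbm90LWEtcmVhbC1zaWduYXR1cmU=",
    "=AAAA",
    "-----END PGP SIGNATURE-----",
])

if __name__ == "__main__":
    headers, signed, _ = split_clearsigned(SAMPLE)
    print("armor headers:", headers)
    for lineno, col, ch in find_control_sequences(signed):
        print(f"control character {ch!r} at line {lineno}, column {col}")
    print("signed text, rendered safely:")
    print(safe_render(signed))
```

Run against the sample, the recovered text contains an ESC and a CR in the amount line: printed raw to a terminal it reads "Amount due: 1000 EUR", while the bytes the signature covers say "10 EUR" followed by the overwrite. In practice you would feed the file written by gpg --verify -o or gpgv -o to find_control_sequences and refuse, or render with safe_render, whenever it reports a hit.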

