signature/verification fails if text is itself a PGP key

[getify]

I tried to sign the text "abc" and then verify the signature, and everything worked fine. Then I tried to sign text that was itself a PGP public-key, in its armored text format as outputted by key.publicKeyArmored after a openpgp.generateKey(options) (RSA key). The signature seems to work fine, but the verification fails:

TypeError: Error verifying cleartext signed message: signature.verify is not a function

Any idea why this would be happening? Is there some reason you can't sign a public key itself? I assumed I could sign basically any text I wanted.

[tomholub]

I think you are hitting this bug related to escaping the signed text: #512

OpenPGP spec had escaping of dashes defined in it AFAIK, which may have not been implemented in OpenPGP.js based on the behavior - I have not checked any related code to confirm this though.

[twiss]

Escaping of dashes was indeed slightly broken: a410177. (Not yet merged, should be soon-ish.)

[getify]

@twiss I just manually patched the change from that commit, and indeed it addressed my problem here. any ETA on when this lands in a new release of openpgpjs? blocker for me right now.

[sanjanarajan]

@getify we will make a release with the fix today

[getify]

Updated to 3.0.8, bug is fixed. Thanks so much!

[tomholub]

Thanks @sanjanarajan !