AUR web interface

FS#45488 - SSH-pubkey-validation of aur4 does not accept keys with whitespace in comments

Attached to Project: AUR web interface
Opened by Simon Schuster (noctux) - Sunday, 28 June 2015, 11:32 GMT
Last edited by Lukas Fleischer (lfleischer) - Monday, 29 June 2015, 07:11 GMT
Task Type Bug Report
Category Backend
Status Closed
Assigned To No-one
Architecture All
Severity Medium
Priority Normal
Reported Version 4.0.0-rc5
Due in Version 4.0.0
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Today I tried to create a new key for my aur-packages and upload it to aur4:

Steps to reproduce:
cd ~/.ssh
ssh-keygen -b 4096 -f aurkey -C "Aur4 key"
xclip aurkey.pub
(visit https://aur4.archlinux.org/account/<username>/edit/)
paste key and click "update"

Result:
"The SSH public key is invalid."

Expected Result:
My key should be accepted

"Debugging" around shows that:
ssh-keygen -b 4096 -f aurkey -C "Aur4key"
works, while
ssh-keygen -b 4096 -f aurkey -C "Aur4 key"
does not.

So the issue stems from the whitespace in the comment section.

Some shallow research hints that there is no cleanly defined standard for the .pub format, but "man ssh-keygen" hints at "The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006", which features an alternate representation for the pubkey. This RFC demands that all implementations MUST work with unquoted comment strings using more or less arbitrary content there. I don't know whether this extends to the ".pub" file format as well, but if so, this should be fixed. Either way, I've been using keys with whitespace for various purposes in the past and they worked flawlessly, so at least I did not even consider that this could be a possible cause for trouble...

Recommended fix:
If comments containing whitespace are allowed for .pub-keys:
Please accept keys using that structure in your validation

else:
Make the error-message more explicit in that case, e.g. "The SSH public key is invalid: Whitespace encountered in comment", to save your future maintainers some debugging work.

Closed by  Lukas Fleischer (lfleischer)
Monday, 29 June 2015, 07:11 GMT
Reason for closing:  Fixed
Additional comments about closing:  Fixed in 4.0.0.
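
The report above concerns validating a one-line OpenSSH public key whose comment contains whitespace. The following is an added example, not the AUR's code or its fix: a validator that treats everything after the base64 field as the comment, rejects embedded line breaks, and names the cause of each rejection. The function names, the allowed-type list and the sample key are assumptions constructed for illustration.

```python
import base64
import binascii
import struct

# Key types accepted by this example (an assumption, not the AUR's list).
ALLOWED_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def parse_pubkey_line(line):
    """Return (keytype, blob, comment) or raise ValueError naming the cause."""
    line = line.strip()
    # One key per submission: an embedded line break could smuggle a second
    # entry into whatever file the key is later written to.
    if "\n" in line or "\r" in line:
        raise ValueError("key contains a line break")
    # Split on the first two whitespace runs only: everything after the
    # base64 field is the comment and may itself contain spaces.
    fields = line.split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    keytype, b64 = fields[0], fields[1]
    comment = fields[2] if len(fields) == 3 else ""
    if keytype not in ALLOWED_TYPES:
        raise ValueError("unsupported key type: %r" % keytype)
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        raise ValueError("key data is not valid base64") from None
    # The blob starts with a length-prefixed copy of the key type; it must
    # agree with the first field of the line.
    if len(blob) < 4:
        raise ValueError("key data too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != keytype.encode("ascii"):
        raise ValueError("key type does not match key data")
    return keytype, blob, comment


def sample_line(comment):
    """Constructed input: an ed25519-shaped blob of zero bytes, not a real key."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)
```
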
Comment by Lukas Fleischer (lfleischer) - Monday, 29 June 2015, 07:00 GMT
Should be fixed now, please confirm.
Comment by Simon Schuster (noctux) - Monday, 29 June 2015, 07:09 GMT
Confirming fix, works as expected.

Thanks!
Comment by Lukas Fleischer (lfleischer) - Monday, 29 June 2015, 07:10 GMT
Thanks!