Closed Bug 1216485 Opened 10 years ago Closed 10 years ago

Can't send S/MIME mail if certificate has SHA-1 signature algorithm

Categories

(Thunderbird :: Security, defect)

38 Branch
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: h.goebel, Unassigned)

Details

(Keywords: regression)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150922210730

Steps to reproduce:

Sending S/MIME encrypted mails fails for most recipients: the recipient's certificate is not accepted. The recipient's certificates and the related CA are installed and valid.

I found that for the failing recipients, the signing algorithm is SHA-1 (both person and CA), while the non-failing recipients have at least SHA-256 (both person and CA).

S/MIME was working well in TB 31.7.0. And when downgrading the Thunderbird RPM package (no other dependencies, no libs) back to 31.7.0, S/MIME still works.

How to test
-------------------

A) When composing a message, select S/MIME -> Security information. Here the recipients of the message will be listed with status "not found", even if the certificate *does* exist and is valid.

B) In the certificate manager, click "Persons" -> choose a person -> click "Edit Trust". Then a requester containing the "Edit CA Trust" button is displayed. Now if you click this button, you'll get the error message "Certificate for this certificate authority was not found", even if the certificate *is* installed and is valid, and S/MIME encryption for this person's certificate worked earlier.

Related Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769294
Yes, SHA-1 signatures are no longer secure and the support has been discontinued, see bug 1018259.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Component: Untriaged → Security
Keywords: regression
Resolution: --- → INVALID
If I understand it correctly, bug 1018259 was only about the hash function which is used to hash the message content. But to me it looks like Thunderbird is still accepting SHA-1 signed certificates, at least for signing and encrypting messages.

Please have a look at the attached screenshots, which I created using openSUSE 42.2 with KDE/Plasma 5.8 and Thunderbird 45.7.0:

http://picpaste.de/received_sha1.png
http://picpaste.de/send_sha1.png

As you can see, it verifies the received SHA-1 signed message and also encrypts a message with a SHA-1 certificate.

Conclusion: I can't reproduce the behavior described by h.goebel. But actually what h.goebel described as the correct behaviour (which I can't reproduce) should be the present behavior, blocking SHA-1 certificates.

By the way: does Thunderbird block SHA-1 certificates when connecting to IMAP/SMTP/POP3 servers via SSL/STARTTLS!? And is there something for Thunderbird like the security.pki.sha1_enforcement_level setting in Firefox? For SSL/STARTTLS connections as well as for S/MIME.
Your pictures only show the "Certificate Signing Algorithm" used in the person's certificate. Which one is used in the CA certificate?
The CA shouldn't be relevant because it's imported as a root CA into Thunderbird. And root CAs are not signed by someone else, so the hash has no meaning for validation. Nevertheless, to answer your question: the CA is also signed with SHA-1. (It's a private CA, which is why it sadly still uses SHA-1.)
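The question raised in this thread (which certificates in a recipient's chain are SHA-1 signed, and whether the self-signed root's own signature matters) can be answered with a small diagnostic. The script below is an added example, not Thunderbird or NSS code; it assumes `openssl` is on the PATH, takes a PEM bundle (leaf first, then issuers), and flags a SHA-1 signature only on certificates that are issued by someone else, since a self-signed root's signature is never validated (the point made in the comment above). Function names are hypothetical.

```shell
#!/bin/sh
# chain_sigalgs BUNDLE.pem
# Prints one line per certificate in the bundle:
#   <index> <signature algorithm> <self-signed|issued> <subject>
chain_sigalgs() {
    bundle="$1"
    tmp=$(mktemp -d)
    # Split the PEM bundle into one file per certificate (1.pem, 2.pem, ...).
    awk -v dir="$tmp" '/BEGIN CERT/{n++} {print > (dir "/" n ".pem")}' "$bundle"
    i=0
    for f in "$tmp"/*.pem; do
        [ -f "$f" ] || continue
        # First "Signature Algorithm:" line is the one inside tbsCertificate.
        alg=$(openssl x509 -in "$f" -noout -text \
              | sed -n 's/^ *Signature Algorithm: //p' | head -1)
        subj=$(openssl x509 -in "$f" -noout -subject | sed 's/^subject=//')
        iss=$(openssl x509 -in "$f" -noout -issuer | sed 's/^issuer=//')
        # Subject == issuer identifies a self-signed (root) certificate.
        if [ "$subj" = "$iss" ]; then kind=self-signed; else kind=issued; fi
        echo "$i $alg $kind $subj"
        i=$((i + 1))
    done
    rm -rf "$tmp"
}

# sha1_free BUNDLE.pem
# Exit status 0 when no *issued* certificate carries a SHA-1 signature,
# 1 otherwise. The root's own signature algorithm is deliberately ignored.
sha1_free() {
    chain_sigalgs "$1" \
      | awk '$3 == "issued" && tolower($2) ~ /sha1/ { bad = 1 } END { exit bad ? 1 : 0 }'
}
```

With more than nine certificates in one bundle the lexical ordering of the split files no longer matches bundle order; the per-certificate results are still correct.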