Closed Bug 1670059 Opened 4 years ago Closed 4 years ago

Cannot send encrypted OpenPGP to a key using MD5 for the user ID self signature

Categories

(MailNews Core :: Security, defect)

defect

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: pecherz, Unassigned)

Details

Attachments

(3 files)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36

Steps to reproduce:

Got public key from user, imported to PGP Key Manager, then tried to send an encrypted email.

Actual results:

Couldn't send message, there is an info about error (Message couldn't be sent)

Expected results:

Message should have been sent.

Product: Thunderbird → MailNews Core

I attached a screenshot from Debug Cosole.
Set up RNP_LOG_CONSOLE=1, then restarted Win10, bo nothing new added in Console.
Just the same error as last time.

Is it possible to attach the public key, or send a copy to me and kaie@thunderbird.net? (Reference this bug)

Public key attached. It was generated in Thunderbird new PGP Manager.

(In reply to pecherz from comment #3)

I attached a screenshot from Debug Cosole.
Set up RNP_LOG_CONSOLE=1, then restarted Win10, bo nothing new added in Console.

These additional log messages aren't shown in the Thunderbird error console.

To see internal log messages from RNP, you must execute Thunderbird from a terminal window, and messages will appear in the terminal.

I cannot reproduce your problem with TB 78.4

I imported your attached key, then I mark your key as "accepted", then I compose an email to your address. Then "message security info" in composer says "ok" (key found). Then I enable encryption for the message, then I use file/send later. That stores an encrypted message in my outbox folder.

Can you please try again with 78.4.0 ?

Did you download TB from thunderbird.net or did you get it from a different source?

Are you able to send an encrypted email to yourself?

Flags: needinfo?(pecherz)

Ok, back on track, so... I did few tests more and here is what I found:

  1. I have two email accounts A and B, created in PGP Manager a pair of keys for each account, and it works perfect. I can send encrypted email A->B and B->A, it works, no bugs.

  2. ... but when I imported my friend's public key (created in Bat) to PGP Manager, I can't send an encrypted email to him.

Flags: needinfo?(pecherz)

I need a copy of the nonworking public key.

Sent via email to Kai.

Thanks. Received the key, can reproduce.

I see:
[encrypted_add_recipient() rnp/src/librepgp/stream-write.cpp:518] attempt to use invalid key as recipient

Status: UNCONFIRMED → NEW
Ever confirmed: true

The above was using the older snapshot currently on 78.x (from 2020-09-13).

I get same behavior with RNP snapshot from 2020-10-30, just a different line number:

[encrypted_add_recipient() rnp/src/librepgp/stream-write.cpp:516] attempt to use invalid key as recipient

I found the reason.

We reject this key, because the self-signature for binding the user ID uses the obsolete MD5 algorithm.

New: Public Key Packet(tag 6)(527 bytes)
	Ver 3 - old
	Public key creation time - Thu Oct  8 18:51:21 CEST 2020
	Valid days - 0[0 is forever]
	Pub alg - RSA Encrypt or Sign(pub 1)
	RSA n(4096 bits) - ...
	RSA e(17 bits) - ...
New: User ID Packet(tag 13)(50 bytes)
	User ID - ##redacted##
New: Signature Packet(tag 2)(533 bytes)
	Ver 3 - old
	Hash material(5 bytes):
		Sig type - Generic certification of a User ID and Public Key packet(0x10).
		Creation time - Thu Oct  8 18:51:21 CEST 2020
	Key ID - ##redacted##
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - MD5(hash 1)
	Hash left 2 bytes - 98 f7 
	RSA m^d mod n(4096 bits) - ...
		-> PKCS-1

pecherz: Can you please ask your contact which software they have used to create their key? It has a key creation date from 2020. It's very surprising that any software would still do that in 2020. I'm guessing your contact uses very old software, but it would be very interesting to know.

I've filed bug 1678011 because we're reporting the key as usable in security info.

After fixing bug 1678011, we'd give proper feedback that a key is unusable.

updating subject.

I think this bug is WONTFIX.

Please let me know if you disagree.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
Summary: Error during sending email when using new PGP feature → Cannot send encrypted OpenPGP to a key using MD5 for the user ID self signature

(In reply to Kai Engert (:KaiE:) from comment #15)

pecherz: Can you please ask your contact which software they have used to create their key? It has a key creation date from 2020. It's very surprising that any software would still do that in 2020. I'm guessing your contact uses very old software, but it would be very interesting to know.

The Bat 6.0.12

(In reply to pecherz from comment #18)

The Bat 6.0.12

Thanks for that information.

That's software from 2013. It contains an internal PGP implementation based on RFC 1991 from the year 1996.
RFC 4880 from the year 2007 already declared those older keys as deprecated.

I tried to use a recent version of GnuPG, and it refuses to import that key, too.
The most recent versions of The Bat have removed the old internal implementation based on RFC 1991.

It seems The Bat supports the use of external GnuPG software.
Your correspondent could try to install modern GnuPG software and configure The Bat to use it.
And they should probably upgrade to a newer version of the email software, too.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: