Cannot send encrypted OpenPGP to a key using MD5 for the user ID self signature
Categories
(MailNews Core :: Security, defect)
Tracking
(Not tracked)
People
(Reporter: pecherz, Unassigned)
Details
Attachments
(3 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Steps to reproduce:
Got public key from user, imported to PGP Key Manager, then tried to send an encrypted email.
Actual results:
Couldn't send message, there is an info about error (Message couldn't be sent)
Expected results:
Message should have been sent.
Comment 1•4 years ago
|
||
We'll need more info. https://wiki.mozilla.org/Thunderbird:OpenPGP#Debugging_.2F_Tracing
I attached a screenshot from Debug Cosole.
Set up RNP_LOG_CONSOLE=1, then restarted Win10, bo nothing new added in Console.
Just the same error as last time.
Comment 4•4 years ago
|
||
Is it possible to attach the public key, or send a copy to me and kaie@thunderbird.net? (Reference this bug)
Public key attached. It was generated in Thunderbird new PGP Manager.
Comment 7•4 years ago
|
||
(In reply to pecherz from comment #3)
I attached a screenshot from Debug Cosole.
Set up RNP_LOG_CONSOLE=1, then restarted Win10, bo nothing new added in Console.
These additional log messages aren't shown in the Thunderbird error console.
To see internal log messages from RNP, you must execute Thunderbird from a terminal window, and messages will appear in the terminal.
Comment 8•4 years ago
|
||
I cannot reproduce your problem with TB 78.4
I imported your attached key, then I mark your key as "accepted", then I compose an email to your address. Then "message security info" in composer says "ok" (key found). Then I enable encryption for the message, then I use file/send later. That stores an encrypted message in my outbox folder.
Can you please try again with 78.4.0 ?
Did you download TB from thunderbird.net or did you get it from a different source?
Are you able to send an encrypted email to yourself?
Ok, back on track, so... I did few tests more and here is what I found:
-
I have two email accounts A and B, created in PGP Manager a pair of keys for each account, and it works perfect. I can send encrypted email A->B and B->A, it works, no bugs.
-
... but when I imported my friend's public key (created in Bat) to PGP Manager, I can't send an encrypted email to him.
Comment 10•4 years ago
|
||
I need a copy of the nonworking public key.
Reporter | ||
Comment 11•4 years ago
|
||
Sent via email to Kai.
Comment 12•4 years ago
|
||
Thanks. Received the key, can reproduce.
I see:
[encrypted_add_recipient() rnp/src/librepgp/stream-write.cpp:518] attempt to use invalid key as recipient
Updated•4 years ago
|
Comment 13•4 years ago
|
||
The above was using the older snapshot currently on 78.x (from 2020-09-13).
I get same behavior with RNP snapshot from 2020-10-30, just a different line number:
[encrypted_add_recipient() rnp/src/librepgp/stream-write.cpp:516] attempt to use invalid key as recipient
Comment 14•4 years ago
|
||
I found the reason.
We reject this key, because the self-signature for binding the user ID uses the obsolete MD5 algorithm.
New: Public Key Packet(tag 6)(527 bytes)
Ver 3 - old
Public key creation time - Thu Oct 8 18:51:21 CEST 2020
Valid days - 0[0 is forever]
Pub alg - RSA Encrypt or Sign(pub 1)
RSA n(4096 bits) - ...
RSA e(17 bits) - ...
New: User ID Packet(tag 13)(50 bytes)
User ID - ##redacted##
New: Signature Packet(tag 2)(533 bytes)
Ver 3 - old
Hash material(5 bytes):
Sig type - Generic certification of a User ID and Public Key packet(0x10).
Creation time - Thu Oct 8 18:51:21 CEST 2020
Key ID - ##redacted##
Pub alg - RSA Encrypt or Sign(pub 1)
Hash alg - MD5(hash 1)
Hash left 2 bytes - 98 f7
RSA m^d mod n(4096 bits) - ...
-> PKCS-1
Comment 15•4 years ago
|
||
pecherz: Can you please ask your contact which software they have used to create their key? It has a key creation date from 2020. It's very surprising that any software would still do that in 2020. I'm guessing your contact uses very old software, but it would be very interesting to know.
Comment 16•4 years ago
|
||
I've filed bug 1678011 because we're reporting the key as usable in security info.
After fixing bug 1678011, we'd give proper feedback that a key is unusable.
Comment 17•4 years ago
|
||
updating subject.
I think this bug is WONTFIX.
Please let me know if you disagree.
Reporter | ||
Comment 18•4 years ago
|
||
(In reply to Kai Engert (:KaiE:) from comment #15)
pecherz: Can you please ask your contact which software they have used to create their key? It has a key creation date from 2020. It's very surprising that any software would still do that in 2020. I'm guessing your contact uses very old software, but it would be very interesting to know.
The Bat 6.0.12
Comment 19•4 years ago
|
||
(In reply to pecherz from comment #18)
The Bat 6.0.12
Thanks for that information.
That's software from 2013. It contains an internal PGP implementation based on RFC 1991 from the year 1996.
RFC 4880 from the year 2007 already declared those older keys as deprecated.
I tried to use a recent version of GnuPG, and it refuses to import that key, too.
The most recent versions of The Bat have removed the old internal implementation based on RFC 1991.
It seems The Bat supports the use of external GnuPG software.
Your correspondent could try to install modern GnuPG software and configure The Bat to use it.
And they should probably upgrade to a newer version of the email software, too.
Description
•