Thunderbird 91.8 rejects OpenPGP keys with a binding signature based on SHA-1
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(thunderbird_esr91+ fixed)
People
(Reporter: clemens.hanel, Assigned: KaiE)
References
(Regression)
Details
(Keywords: regression, testcase, Whiteboard: [regression 91.7->91.8])
Attachments
(2 files, 1 obsolete file)
|
6.44 KB,
application/pgp-encrypted
|
Details | |
|
48 bytes,
text/x-phabricator-request
|
o.nickolay
:
review+
KaiE
:
approval-comm-esr91+
|
Details | Review |
Steps to reproduce:
We imported the attached PGP-key into Thunderbird 91.8
We tried importing via file and also via WKD-lookup.
Actual results:
The expiry date shows: 2021-04-02
Expected results:
The expiry date should show: 2031-03-22
This works as expected in Thunderbird 91.7
|
Reporter | |
Comment 1•2 years ago
|
||
Just a wild guess: Maybe related to the fix of https://bugzilla.mozilla.org/show_bug.cgi?id=1754985
|
|
Reporter | |
Comment 2•2 years ago
|
||
|
||
Comment 3•2 years ago
|
||
(When referencing bugs, please just write "bug" and the number, so that bugzilla autolinks correctly. Bug 1754985, bug 1753446.
|
Assignee | |
Comment 4•2 years ago
|
||
Nickolay, would be able to help us analyze why this key is reported by RNP v0.16.0 as expired? It's apparently a regression in comparison with v0.15.2
|
||
Comment 5•2 years ago
|
||
Hi, sure. The signature, which prolongs key expiration, uses SHA1 hash and has creation date Wed Mar 24 10:39:00 2021.
Since RNP v0.16.0 all SHA1 signatures, created after Jan, 15 2019 are marked as invalid, so new expiration is not picked up.
|
|
Assignee | |
Comment 6•2 years ago
|
||
Nickolay, thanks a lot for your quick help!
|
|
Assignee | |
Comment 7•2 years ago
|
||
Clemens, could you ask the key owner to extend the key using software that supports modern algorithms?
I think this bug should be marked wontfix, because we deliberately would like to reject signatures made using obsolete mechanisms.
|
|
Reporter | |
Comment 8•2 years ago
|
||
Hello Kai,
We can confirm that re-extending the keys mitigates the problem. However, it is not possible to fix this within Thunderbird 91.8 itself, one needs to export the key to GPG, extend expiry there and reimport the key. Otherwise the new expiry date is ignored by Thunderbird.
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
||
Comment 10•2 years ago
|
||
I would suggest that Thunderbird should offer some (more specific) information about the problem. I guess there aren't a lot of 'normal' users that search for responses in Bugzilla - or even know what SHA1 is and how using it may be a security risk.
|
||
Comment 12•2 years ago
|
||
Hello,iI ended up here after a tip in the German forum.
I also cannot import two keys with 91.8.0 (Windows).
Examples here are two keys from two German data protection authorities.
-
https://datenschutz.hessen.de/service/verschl%C3%BCsselte-kommunikation-mit-dem-HBDI
https://datenschutz.hessen.de/sites/datenschutz.hessen.de/files/HBDI_PGP.txt -
https://www.datenschutz.bremen.de/wir-ueber-uns/vertrauliche-kommunikation-7303
https://www.datenschutz.bremen.de/sixcms/media.php/13/LfDI_Bremen.ASC
With Kleopatra I can import both keys, with Thunderbird I get error messages. The key for Bremen shows Thunderbird as expired, while Kleopatra recognises the key as valid. A screenshot (German) is here: https://www.thunderbird-mail.de/forum/thread/89386-frage-zum-pgp-import-von-%C3%B6ffentlichen-schl%C3%BCsseln/?postID=494861#post494861
I have spent the last few days troubleshooting.
Thanks
|
||
Comment 14•2 years ago
|
||
Hi,
I extended the expiry date using GPG, and imported that - which seemed to fix the problem of Thunderbird not 'seeing' the correct expiration date (since it isn't accepting signatures that use SHA1).
However, now I seem to be unable to select this key as my personal key. I get a "OpenPGP keys imported successfully message!" message, but there is not an option available to select this key as my personal key.
|
|
Assignee | |
Comment 15•2 years ago
|
||
(In reply to makechanges from comment #14)
I extended the expiry date using GPG, and imported that - which seemed to fix the problem of Thunderbird not 'seeing' the correct expiration date (since it isn't accepting signatures that use SHA1).
However, now I seem to be unable to select this key as my personal key. I get a "OpenPGP keys imported successfully message!" message, but there is not an option available to select this key as my personal key.
I'm sorry to hear that there are apparently additional problems.
Could you please create a full package dump of your secret key, and check if there's still any mention of MD5 of SHA1
|
|
Assignee | |
Comment 16•2 years ago
|
||
I suggest to partially undo the change, and continue to allow SHA-1 binding self-signatures and revocation signatures until we can offer a better way to handle affected keys.
|
|
Assignee | |
Comment 17•2 years ago
|
||
|
||
Updated•2 years ago
|
|
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Updated•2 years ago
|
|
|
||
Comment 18•2 years ago
|
||
Comment on attachment 9274640 [details]
Bug 1763641 - Continue to allow SHA-1 in OpenPGP binding signatures and revocation signatures. r=mkmelin
LGTM!
|
|
Assignee | |
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
||
Comment 19•2 years ago
|
||
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/ca8356ebfcb2
Continue to allow SHA-1 in OpenPGP binding signatures and revocation signatures. r=mkmelin
|
|
Assignee | |
Comment 20•2 years ago
|
||
Comment on attachment 9274640 [details]
Bug 1763641 - Continue to allow SHA-1 in OpenPGP binding signatures and revocation signatures. r=mkmelin
a=wsmwk from Matrix chat
|
||
Comment 22•2 years ago
|
||
| bugherder uplift | ||
Thunderbird 91.9.0:
https://hg.mozilla.org/releases/comm-esr91/rev/a27665dc9773
|
||
Comment 23•2 years ago
|
||
The current candidate build can be downloaded from https://archive.mozilla.org/pub/thunderbird/candidates/91.9.0-candidates/build3/
Andif all goes well 91.9.0 should be available later today.
|
|
||
Comment 26•2 years ago
|
||
Thank you all for all of your support in figuring this out, and for making adjustments so that this doesn't adversely affect people who haven't been able to figure out what is going wrong yet.
|
|
||
Comment 27•2 years ago
|
||
Offhand, any idea when this might be available in the ubuntu updates? I've been trying to avoid creating a new pgp key, and nobody who is dependent on a current version of Thunderbird can send me encrypted mail and I can't send encrypted mail to anyone who also inadvertently has a SHA1 hash in their signatures.
|
|
||
Comment 28•2 years ago
|
||
Hi, I was hoping to hear an update about this? I'm uncertain if I need to use a candidate build, or if the reversion to allow SHA1 hash in signatures will become part of the release available through Ubuntu updates.
|
|
Assignee | |
Comment 29•2 years ago
|
||
I cannot answer questions about the update timeline of the Ubuntu distribution.
| Comment hidden (obsolete) |
|
|
||
Comment 31•2 years ago
|
||
Comment on attachment 9275958 [details]
Bug 1763641 - Add RNP source patch for bug 1763641. r=kaie
Revision D146013 was moved to bug 1767272. Setting attachment 9275958 [details] to obsolete.
Description
•