Closed
Bug 1822888
Opened 2 years ago
Closed 2 years ago
Valid GPG signature is shown as invalid if the encryption subkey has expired
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: dunj3, Unassigned)
Details
Attachments
(2 files)
When using a GPG key that has an expired encryption key (but a valid signature key), the email signature is shown as invalid (with the reason "The key has expired").
Steps to reproduce:
- Import a key that has a valid signature subkey but an expired encryption subkey. I used the public key from the BSI newsletter, but a self-generated one works as well
- The key manager shows this key as expired, even though the signature subkey is still valid (in the case of BSI, until 2031-01-23)
- Receive a signed email (signed newsletter example attached)
Expected result:
The signature is accepted, e.g. as done by running GPG manually:
gpg: Signature made Thu 16 Mar 2023 11:57:50 AM CET
gpg: using RSA key 4A51174602339B6C
gpg: Good signature from "Bürger-CERT Newsletter <buerger-cert-newsletter_pgp@newsletter.gsb.bund.de>" [unknown]
Actual result:
The signature is shown as invalid (due to an expired key). Worse, the signature check seems to end prematurely (if you modify the text, the reason is still an expired key, and not that the data mismatches).
Note: This might be related to #1755775, but affects signatures (and manifests without the secret keys available).
|
Reporter | |
Comment 1•2 years ago
|
||
|
|
Reporter | |
Comment 2•2 years ago
|
||
Never mind, I just realized that the signatures are done using SHA-1, so this is more of a #1764381 problem/also covered by #1811003:
[signature_validate() /build/thunderbird/src/thunderbird-102.9.0/comm/third_party/rnp/src/lib/crypto/signatures.cpp:211] Insecure hash algorithm 2, marking signature as invalid.
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•