1830858 - Update RNP to 0.17.0

Status: RESOLVED FIXED

(MailNews Core :: Security: OpenPGP, enhancement)

Description

[Kai Engert [:KaiE:]]

Update RNP to 0.17.0
https://github.com/rnpgp/rnp/releases/tag/v0.17.0

Comment 1

[Kai Engert [:KaiE:]]

Let's get bug 1828465 done first, and this one afterwards.

Comment 2

[Rob Lemley [:rjl]]

I mention this in bug 1830992, but will reiterate here since it's something to look into.

RNP v0.17.0 has a Git subrepo at "src/libsexp", pointing to https://github.com/rnpgp/sexp. Licensing is good as it's MIT licensed. Right now, update_rnp.sh will run fine, but it will not grab the submodule. Looking at mach vendor, it also will not grab the submodule. So it's something that will have to be figured out.

I checked the CMakeLists.txt files for RNP v0.17.0, and libsexp is linked into librnp itself, so it's definitely a requirement.

Build code will also need updating.

Comment 3

[Nickolay Olshevsky]

Yeah, SExp parsing code was extracted from the RNP for easier maintanance/reusability, and used in working tree as Git submodule. It is used only for parsing of GnuPG native keyring data.

Alternative way would be to download release tarball from https://github.com/rnpgp/rnp/releases/tag/v0.17.0 (see rnp-v0.17.0.tar.gz) - it includes SExp sources as well.

Comment 4

[Rob Lemley [:rjl]]

Attachment: WIP: Bug 1830858 - Add moz.yaml file to vendor RNP source code. r=kaie

Comment 5

[Phabricator Automation]

Comment on attachment 9331937 [details]
WIP: Bug 1830858 - Add moz.yaml file to vendor RNP source code. r=kaie

Revision D177317 was moved to bug 1830992. Setting attachment 9331937 [details] to obsolete.

Comment 6

[Rob Lemley [:rjl]]

Attachment: Bug 1830858 - Run mach vendor to update RNP to v0.17.0. r=kaie

Does not include build code changes.

Depends on D177317

Comment 7

[Rob Lemley [:rjl]]

Attachment: Bug 1830858 - Update build code for RNP 0.17.0. r=#thunderbird-build-system-reviewers,kaie

Depends on D177337

Comment 8

[Rob Lemley [:rjl]]

Attachment: Bug 1830858 - Update RNP moz.yaml for v0.17.0. r=kaie

Depends on D177317

Comment 9

[Kai Engert [:KaiE:]]

In RNP.jsm in function encryptAndOrSign I'd like to call rnp_op_encrypt_set_aead("NONE").

The reason is, the use of AEAD will cause the creation of v5 OpenPGP data packets, and v5 packets currently aren't widely supported, they may be specific to GnuPG, in my understanding. I'd like to avoid compatibility issues at this time, so I'd like to ensure that AEAD remains disabled for now.

I'll attach that patch soon. It's fine to land that patch prior to landing v0.17.0

Comment 10

[Kai Engert [:KaiE:]]

Attachment: Bug 1830858 - Explicitly disable AEAD for OpenPGP to avoid v5 packets. r=o.nickolay

Comment 11

[Rob Lemley [:rjl]]

Some new configure settings are needed for v0.17.0: ENABLE_BLOWFISH, ENABLE_CAST5 and ENABLE_RIPEMD160 that should work with Botan or OpenSSL.

Also ENABLE_AEAD is currently set when using the Botan backend, but not OpenSSL. Do we want to change that in light of comment 9?

Current ENABLE_* - botan:
ENABLE_IDEA: True
ENABLE_AEAD: True
ENABLE_TWOFISH: True
ENABLE_BRAINPOOL: True

Current ENABLE_* - openssl:
ENABLE_IDEA: True
# Not supported with RNP+OpenSSL https://github.com/rnpgp/rnp/issues/1642
ENABLE_AEAD: False
# Not supported by OpenSSL https://github.com/openssl/openssl/issues/2046
ENABLE_TWOFISH: False
# Supported, but not with RHEL's OpenSSL, disabled for now;
ENABLE_BRAINPOOL: False

Proposing for v0.17.0:
Both backends:

• ENABLE_SM2: False # make it explicit
• ENABLE_AEAD: True # ??? Works with OpenSSL now, but we don't want it?
• ENABLE_IDEA: True
• ENABLE_BLOWFISH: True
• ENABLE_CAST5: True,
• ENABLE_RIPEMD160: True

Botan:

• ENABLE_TWOFISH: True
• ENABLE_BRAINPOOL: True

OpenSSL:

• ENABLE_TWOFISH: False
• ENABLE_BRAINPOOL: False

Comment 12

[Nickolay Olshevsky]

While TB currently doesn't use AEAD for encryption, I would suggest to keep ENABLE_AEAD: True, so Thunderbird would be able to decrypt messages if those are encrypted using the AEAD. The same could apply to other options: even if algo is not used for encryption, it would be good to be able to decrypt.

Comment 13

[Kai Engert [:KaiE:]]

I agree with Nickolay. ENABLE_AEAD = True, to allow us to decrypt.

We will disable producing AEAD data using API calls.

Comment 14

[Kai Engert [:KaiE:]]

Nickolay, does the attached patch make sense? Would you like to make that patch as "accepted"?

Comment 15

[Nickolay Olshevsky]

Done!

Comment 16

[Alessandro Castellani [:aleca]]

Temporarily removing the check-in flag because there's a lint failure in the patch: https://treeherder.mozilla.org/jobs?repo=try-comm-central&revision=c98574c5dbb9a6043a38dedecefbf1e73fe5525b&selectedTaskRun=DrnyX2EBQliQkwoMVpLIIQ.0

Comment 17

[Kai Engert [:KaiE:]]

(In reply to Alessandro Castellani [:aleca] from comment #16)

Temporarily removing the check-in flag because there's a lint failure in the patch: https://treeherder.mozilla.org/jobs?repo=try-comm-central&revision=c98574c5dbb9a6043a38dedecefbf1e73fe5525b&selectedTaskRun=DrnyX2EBQliQkwoMVpLIIQ.0

I've updated D177615, merged and ran lint.

Comment 18

[Kai Engert [:KaiE:]]

I tried a local build with the three phab patches.
I got a linker failure, undefined sm2_validate_key
Apparently SM2 is still enabled, despite ENABLE_SM2 being defined as False in those patches.

Comment 19

[Kai Engert [:KaiE:]]

(In reply to Kai Engert (:KaiE:) from comment #18)

Apparently SM2 is still enabled, despite ENABLE_SM2 being defined as False in those patches.

I'll comment in phab revision D177338.

Comment 20

[Kai Engert [:KaiE:]]

Rob, your patches are marked as "changes planned".
What's missing?
Could we get this done soon for 115 ?

Comment 21

[Pulsebot]

Pushed by martin@humanoids.be:
https://hg.mozilla.org/comm-central/rev/b5d4d20c224e
Explicitly disable AEAD for OpenPGP to avoid v5 packets. r=o.nickolay

Comment 22

[Rob Lemley [:rjl]]

(In reply to Kai Engert (:KaiE:) from comment #18)

I tried a local build with the three phab patches.
I got a linker failure, undefined sm2_validate_key
Apparently SM2 is still enabled, despite ENABLE_SM2 being defined as False in those patches.

Fixed.

Comment 23

[Kai Engert [:KaiE:]]

In the past I verified RNP update patches by comparing with a cloned github repository, updated to the intended revision.

This time I cannot use that strategy for a full comparison, because of the sexp library. I couldn't find which sexp revision is supposed to be part of the release.

I decided to instead compare against the release archive, which is also what the new update/vendor script does, apparently.

I've verified that https://phabricator.services.mozilla.com/D177337?id=725451 matches the contents of https://github.com/rnpgp/rnp/releases/download/v0.17.0/rnp-v0.17.0.tar.gz (ignoring the various small non-code helper files that are present in the main directories of rnp and sexp). The patch contains an additional rnp/rnp_export.h file, plus various moz build files.

I've verified that the signature from https://github.com/rnpgp/rnp/releases/download/v0.17.0/rnp-v0.17.0.tar.gz.asc matches the above tar.gz archive.

Result of signature verification:
gpg: Signature made Mi 03 Mai 2023 12:38:25 CEST
gpg: using EDDSA key 50DA59D5B9134FA2DB1EB20CFB829AB5D0FE017F
gpg: Good signature from "RNPGP Release Signing Key <rnpgp@ribose.com>" [unknown]
Primary key fingerprint: 31AF 5A24 D861 EFCB 7CB7 9A19 2490 0CE0 AEFB 5417
Subkey fingerprint: 50DA 59D5 B913 4FA2 DB1E B20C FB82 9AB5 D0FE 017F

The signature was made by the key that is published at
https://www.rnpgp.org/openpgp_keys/
https://www.rnpgp.org/openpgp_keys/31AF5A24D861EFCB7CB79A1924900CE0AEFB5417-50DA59D5B9134FA2DB1EB20CFB829AB5D0FE017F.asc

Comment 24

[Kai Engert [:KaiE:]]

(In reply to Kai Engert (:KaiE:) from comment #23)

https://www.rnpgp.org/openpgp_keys/31AF5A24D861EFCB7CB79A1924900CE0AEFB5417-50DA59D5B9134FA2DB1EB20CFB829AB5D0FE017F.asc

That release signing key is also currently linked from
https://github.com/rnpgp/rnp/releases/tag/v0.17.0

Comment 25

[Kai Engert [:KaiE:]]

Please also uplift to 115

Comment 26

[Rob Lemley [:rjl]]

Comment on attachment 9331964 [details]
Bug 1830858 - Update build code for RNP 0.17.0. r=#thunderbird-build-system-reviewers,kaie

[Approval Request Comment]
Regression caused by (bug #): N/A
User impact if declined: Old version of librnp in esr115
Testing completed (on c-c, etc.): Daily once it lands
Risk to taking this patch (and alternatives if risky): Low - this is a stable update to librnp. There is small risk of difference due to build config changes but I believe they are well covered.

This is an uplift request for all patches on this bug

Comment 27

[Pulsebot]

Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/cb6b0ea311f8
Update RNP moz.yaml for v0.17.0. r=kaie
https://hg.mozilla.org/comm-central/rev/02315e12eee2
Run mach vendor to update RNP to v0.17.0. r=kaie
https://hg.mozilla.org/comm-central/rev/703f5b55b8fc
Update build code for RNP 0.17.0. r=kaie

Comment 28

[Wayne Mery (:wsmwk)]

Comment on attachment 9331963 [details]
Bug 1830858 - Run mach vendor to update RNP to v0.17.0. r=kaie

[Triage Comment]
Approved for beta

Comment 29

[Wayne Mery (:wsmwk)]

Comment on attachment 9331964 [details]
Bug 1830858 - Update build code for RNP 0.17.0. r=#thunderbird-build-system-reviewers,kaie

[Triage Comment]
Approved for beta

Comment 30

[Wayne Mery (:wsmwk)]

Comment on attachment 9332527 [details]
Bug 1830858 - Update RNP moz.yaml for v0.17.0. r=kaie

[Triage Comment][Triage Comment]
Approved for beta

Comment 31

[Wayne Mery (:wsmwk)]

Comment on attachment 9332592 [details]
Bug 1830858 - Explicitly disable AEAD for OpenPGP to avoid v5 packets. r=o.nickolay

[Triage Comment]
Approved for beta

Comment 32

[Rob Lemley [:rjl]]

Thunderbird 115.0b2:
https://hg.mozilla.org/releases/comm-beta/rev/3352b21531a1
https://hg.mozilla.org/releases/comm-beta/rev/0e00e1cfefb0
https://hg.mozilla.org/releases/comm-beta/rev/42faa21f8b0d