Open Bug 1969429 Opened 5 months ago Updated 3 months ago

ECDSA Certificate Selectable for Mail Encryption - but can't be used ("Sending failed") - was able to select the key for encryption even though key usages only list "Digital Signature"

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Version:
Thunderbird 115
Type:
defect

Tracking

(Not tracked)

Status:
UNCONFIRMED

People

(Reporter: rillke, Unassigned)

References

Details

Attachments

(4 files)

Error message when attempting to send an email to myself because TB can't encrypt because cert does not allow that. But cert was selectable for encryption.
73.89 KB, image/png
Details
ECDSA certificate issued by HARICA for S/MIME use but only for signing, not encryption
89.47 KB, image/png
Details
ECDSA certificate issued by HARICA for S/MIME use but only for signing, not encryption (2)
84.79 KB, image/png
Details
ECDSA certificate issued by HARICA for S/MIME use but only for signing, not encryption selected for encryption without any issue
54.68 KB, image/png
Details

Steps to reproduce:

  1. Create an ECDSA certificate
    1.1 openssl genpkey -genparam -algorithm ec -pkeyopt ec_paramgen_curve:P-256 -out ECPARAM.pem
    1.2 openssl req -newkey ec:ECPARAM.pem -keyout PRIVATEKEY.key -out MYCSR.csr
  2. Let a CA process the CSR and download the Cert bundle
  3. Create a P12 Bundle from the downloaded Cert bundle
    3.1 openssl pkcs12 -export -inkey PRIVATEKEY.key -in Cert_bundle.pem -out Cert_bundle.p12
  4. Import the bundle into Mozilla Thunderbird 115.18.0 (Ubuntu 22.04 LTS) under Hamburger Menu -> Settings -> Certificates -> Manage Certificates -> Your Certificates -> Import ...
    4.1 Note that certificate's "Key Usages" is only "Digital Signature" but not "Key Encipherment" (View -> "Key Usages" in Certificate Manager)
  5. Set this certificate as the Personal certificate for digital signing and for encryption.
    5.1 Under Account Settings -> S/MIME, select the certificate that was just imported in the step before
  6. Attempt to send an encrypted E-Mail to yourself
    6.1 Under S/MIME select "Encrypt" and "Digitally Sign"
    6.2 Press "send"
    6.3 See error: "Sending of the message failed.
    You specified encryption for this message, but the application either failed to find the encryption certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired."

Actual results:

I am able to select an ECDSA certificate for encryption leading to an error down the road when actually trying to use it for that purpose. According to crypto.stackexchange, "the ECDSA algorithm can't be used for encryption".

Expected results:

When selecting an ECDSA certificate that can't be used for encryption in the Account Settings -> S/MIME for encryption, a meaningful error message like "Your selected certificate uses the ECDSA algorithm and therefore can't be used for encryption; get an RSA certificate instead" would be favorable.
After all, proper encryption shouldn't be hard to use for the end user.

Component: Untriaged → Security: S/MIME
Product: Thunderbird → MailNews Core
Summary: ECDSA Certificate Selectable for Mail Encryption → ECDSA Certificate Selectable for Mail Encryption - but can't be used ("Sending failed")

Rainer, wow is this in v139?

Summary: ECDSA Certificate Selectable for Mail Encryption - but can't be used ("Sending failed") → ECDSA Certificate Selectable for Mail Encryption - but can't be used ("Sending failed") - was able to select the key for encryption even though key usages only list "Digital Signature"

Kai have you seen this bug?

Flags: needinfo?(kaie)

You say you are using Thunderbird 115. That's an old version. Please try a newer version.

We have enabled support for encryption using ECDH in Thunderbird version 128, see bug 676118

Flags: needinfo?(kaie)

You say the usage of the selected certificate doesn't allow encryption, but only signatures.

I agree that TB should prevent configuring a non-encryption certificate for encryption.

But it's expected that the non-encryption cert fails when you use it for encryption, right?

Hi, I re-tried on a Thunderbird 128.11.1esr (64-bit) under Ubuntu (apt sources). The result differs as TB already detects that the certificate can't be used while composing the message but it still allows selecting a certificate for encryption that can't be used for encryption. I'll attach some screenshots.

Note that ECDSA ≠ ECDH.

Well kind of, reading through https://stackoverflow.com/a/4970640/2683737

Yes, TB doesn't perform a validation at the time we select a certificate.

This could be costly when preparing the certificate selection dialog, because a user could potentially have many of them.

However, in bug 1944810 we're working on a mechanism to test the selected/configured certificate.
Once done, we could potentially also execute that test automatically after the user selects one, and reject if the test doesn't succeed.

See Also: → 1944810
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: