Possible bug when decrypting CryptoEx data?
David Shaw
dshaw at jabberwocky.com
Wed Jul 30 15:54:01 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, Jul 28, 2003 at 07:45:53PM +0200, Holger Sesterhenn wrote:
> Hi,
>
> (using GnuPG 1.2.2, linux)
>
> I have done some research on my problems decrypting mails which are created
> by CryptoEx 2.1.11.1 (see message in gnupg-users last week).
>
> These files are signed and encrypted and look a little bit different from
> the files created by GnuPG:
Yes. CryptoEx seems to be creating SIG+COMPRESSED(LITERAL), while old
PGP creates COMPRESSED(SIG+LITERAL). GnuPG and new PGP creates
COMPRESSED(ONEPASS+LITERAL+SIG), but can understand the old PGP
format.
I took a quick look at 2440, and while no program other than CryptoEx
creates that packet sequence, it does not seem to be illegal - just
unusual.
> It is obvious that CryptoEx seems to violate RFC2440 by creating cleartext
> signed messages with no 'Hash:' line and using SHA1 instead of MD5. GnuPG
> emits an error message but PGP verfies these messages OK! Maybe time for
> another flag (--CryptoEx)?
Ugh ;) I guess a --cryptoex could enable a SHA1 context when there is
no Hash: header, but even that might not do it. We'd have to run a
context for every possible hash since there is no way to know which
hash CryptoEx used.
The Hash: problem does violate 2440. This has been a problem for a
long time now (at least a year). I wish they'd fix it already.
CryptoEx has another problem besides this: it will try to encrypt to
RSA sign-only keys.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iEYEARECAAYFAj8nwDsACgkQ4mZch0nhy8mnFgCdF5/KTQsRpOU2Pvq5Ksml29BQ
dO8AoLbsnXnqfazSFCwWMIvXOxaQ+Wdt
=WohA
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list