WARNING: signature digest conflict in message ?
Matija Nalis
mnalis-ml at voyager.hr
Thu Sep 25 14:05:49 CEST 2008
I did most of the testing with default debian Etch gnupg 1.4.6-2,
but I've also verified that problem exists is gnupg 1.4.9-3
The problem is if one uses clearsign format without "Hash:" line, and
the actual hash used is *not* MD5, the "gpg --verify" fails with:
gpg: WARNING: signature digest conflict in message
gpg: Can't check signature: general error
If one uses detached signatures, the gpg correctly guess hash used
from the signature, uses that, and correctly verifies message.
If one uses clearsign signature, but without "Hash:" line[1], it
fails, unless the hash happens to be MD5.
Failing example looks something like:
-----BEGIN PGP SIGNED MESSAGE-----
some cleartext
some more cleartext
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQCVAwUBSNt3osBJstyq5PJcAQIF1AP/S0ki33NfTfLdrESJ6A0ug59c7mrSbAEO
CUYO8uTYZXErp+1KSEkdlTg3SI20tiE1L4Wh7iBlt3QcOaOaxTpenGPGtD0EeDmj
lRnS11TXqdZRleBj+Z9BT3zDFba+DJoVYli00LL8pjEsLqDM5HKmUEQJC3XGQOk7
3tsNAe+ur3g=
=0+0L
-----END PGP SIGNATURE-----
Would it be possible in such a case to try to deduce the hash used
from signature, before (or instead of) falling back to assuming it is
MD5 ? I see no reason why it couldn't be possible.
[1] Yes, I know it would work if the "Hash: SHA1" line was present
after "-----BEGIN PGP SIGNED MESSAGE-----", and while I could
easily fix it in my server, there are tons of other places where
it probably won't be fixed (long story - the software is INN's
pgpverify < 1.23)
--
Opinions above are GNU-copylefted.
More information about the Gnupg-devel
mailing list