WARNING: signature digest conflict in message ?
B.Candler at pobox.com
Thu Sep 25 21:33:43 CEST 2008
On Thu, Sep 25, 2008 at 08:17:25PM +0100, Brian Candler wrote:
> clearsigned message <-------> message + detached signature
Actually that particular one should be pretty simple: I think a clearsigned
message is just an armored detached signature stuck onto the end of the
message. A simple perl or ruby script could split them, although you'll need
to be careful to munge line endings properly.
Also, I thought of another solution. RFC 2440 says:
If more than one message digest is used in the signature, the "Hash"
armor header contains a comma-delimited list of used message digests.
So perhaps if you add a fake header
to those messages which don't have a "Hash:" header, then it will verify
correctly. I did a quick experiment, clearsigning a message and changing
and the signature still verified. So you just need to check that a MD5+RSA
message still verifies with this header, and you're away.
More information about the Gnupg-devel