Invalid cross certification?
wk at gnupg.org
Wed Apr 9 10:25:06 CEST 2008
On Tue, 8 Apr 2008 19:22, dshaw at jabberwocky.com said:
> Digest algo 11 is SHA-224, which is fairly recent. I believe it was
> added to libgcrypt somewhere in the 1.3.x development. Does your
Right, since 1.3.0 (May 2007) but we needed to fix the ASN OID in 1.3.2
(Dec 2007) due to an error in the OpenPGP RFC. Given that Libgcrypt was
marked as development and gpg2 was not in wide use we did not put this
workaround for the changed OID into GnuPG-2:
/* This code is to work around a SHA-224 problem. RFC-4880
and the drafts leading up to it were published with the
wrong DER prefix for SHA-224. Unfortunately, GPG pre-1.4.8
used this wrong prefix. What this code does is take all
bad RSA signatures that use SHA-224, and re-checks them
using the old, incorrect, DER prefix. Someday we should
remove this code, and when we do remove it, pkcs1_encode_md
can be made into a static function again. Note that GPG2
does not have this issue as it uses libgcrypt, which is
being fixed while it is still a development version. */
However if you now verify a signature created with a faulty SHA-224
signature, gpg2 will flag it as bad.
I hesitate to put the workaround into gpg2 unless more people complain
about this problem. It would be better to fix the back signature. What
about having gpg print a notice pointing to an online FAQ entry?
Thoughts are free. Exceptions are regulated by a federal law.
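
The re-check described in the quoted source comment, sketched in Python as an added example (not GnuPG or Libgcrypt code). It works on the encoded block already recovered by the RSA public-key operation; the function names and sample message are constructed, and the legacy length byte 0x31 is the value printed in RFC 4880.

```python
import hashlib
import hmac

# AlgorithmIdentifier for SHA-224: OID 2.16.840.1.101.3.4.2.4, NULL parameters.
SHA224_ALGID = bytes.fromhex("300d06096086480165030402040500")
DIGEST_LEN = 28


def der_prefix(seq_len: int) -> bytes:
    """DigestInfo header: SEQUENCE(seq_len), AlgorithmIdentifier, OCTET STRING(28)."""
    return bytes([0x30, seq_len]) + SHA224_ALGID + bytes([0x04, DIGEST_LEN])


# Correct outer length covers everything after the two SEQUENCE header bytes.
CORRECT = der_prefix(len(SHA224_ALGID) + 2 + DIGEST_LEN)  # 15 + 2 + 28 = 0x2d
# Prefix as printed in RFC 4880: outer length 0x31, which is the SHA-256 value.
LEGACY = der_prefix(0x31)


def emsa_pkcs1_v15(prefix: bytes, digest: bytes, em_len: int) -> bytes:
    """PKCS#1 v1.5 signature block: 00 01 FF..FF 00 || prefix || digest."""
    t = prefix + digest
    pad = em_len - len(t) - 3
    if pad < 8:
        raise ValueError("encoded block too short for this digest")
    return b"\x00\x01" + b"\xff" * pad + b"\x00" + t


def classify(em: bytes, message: bytes) -> str:
    """Return 'good', 'legacy-prefix' or 'bad' for a recovered block.

    'legacy-prefix' is reported separately so the caller can print a notice
    asking for the signature to be re-issued instead of accepting it silently.
    """
    digest = hashlib.sha224(message).digest()
    for label, prefix in (("good", CORRECT), ("legacy-prefix", LEGACY)):
        try:
            expected = emsa_pkcs1_v15(prefix, digest, len(em))
        except ValueError:
            return "bad"
        if hmac.compare_digest(em, expected):
            return label
    return "bad"


# Constructed sample: blocks sized for a 1024-bit modulus (128 bytes).
MSG = b"constructed back-signature payload"
EM_NEW = emsa_pkcs1_v15(CORRECT, hashlib.sha224(MSG).digest(), 128)
EM_OLD = emsa_pkcs1_v15(LEGACY, hashlib.sha224(MSG).digest(), 128)
```

A verifier that only knows the corrected prefix sees `EM_OLD` as a plain mismatch, which is why gpg2 reports such a signature as bad.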