[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

unsafe use of gpg


I recently looked at several packages using gpg to verify signatures and
found ways to circumvent the signature check, see [1] for a few bug
reports demonstrating this.


So far I have found two different problems:

1, Using cleartext signatures:

Packages processing data using cleartext signatures (like used in
.changes or .dsc in Debian) try to extract the signed data themselves
and fail to do so properly. They can be tricked into extracting
something different than gpg makes sure a valid signature exists for,
usually by injecting whitespace or using invalid markers to mark the
start or end of the pgp message.

2, Not asking gpg to verify signatures:

I also found packages that call gpg in the form "gpg $file" and expect
gpg to verify the signature on $file and output the signed data.  Indeed
it does so for *signed* files, but if you just give it unsigned data
packed into an OpenPGP message, it will happily just extract that
without caring about signatures. (One can generate those messages with
'gpg --store'.)

Sadly gpg doesn't seem to provide a painless way to check for a valid
signature and extracting the signed data[2]. Or did I miss something?

  [2] <http://bugs.debian.org/695855>


Reply to: