unsafe use of gpg

To: debian-devel@lists.debian.org
Subject: unsafe use of gpg
From: Ansgar Burchardt <ansgar@debian.org>
Date: Fri, 14 Dec 2012 16:18:07 +0100
Message-id: <[🔎] 50CB432F.1040805@debian.org>

Hi,

I recently looked at several packages using gpg to verify signatures and
found ways to circumvent the signature check, see [1] for a few bug
reports demonstrating this.

  [1]
<http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=gpg-clearsign;users=ansgar@debian.org>

So far I have found two different problems:

1, Using cleartext signatures:

Packages processing data using cleartext signatures (like used in
.changes or .dsc in Debian) try to extract the signed data themselves
and fail to do so properly. They can be tricked into extracting
something different than gpg makes sure a valid signature exists for,
usually by injecting whitespace or using invalid markers to mark the
start or end of the pgp message.

2, Not asking gpg to verify signatures:

I also found packages that call gpg in the form "gpg $file" and expect
gpg to verify the signature on $file and output the signed data.  Indeed
it does so for *signed* files, but if you just give it unsigned data
packed into an OpenPGP message, it will happily just extract that
without caring about signatures. (One can generate those messages with
'gpg --store'.)

Sadly gpg doesn't seem to provide a painless way to check for a valid
signature and extracting the signed data[2]. Or did I miss something?

  [2] <http://bugs.debian.org/695855>

Ansgar

Reply to:

Follow-Ups:
- Re: unsafe use of gpg
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: unsafe use of gpg
  - From: "Bernhard R. Link" <brlink@debian.org>

Prev by Date: Re: Bug#695897: ITP: corekeeper -- Core file centralizer and reaper
Next by Date: Re: unsafe use of gpg
Previous by thread: Bug#695901: ITP: corekeeper -- Core file centralizer and reaper
Next by thread: Re: unsafe use of gpg
Index(es):
- Date
- Thread