unknown critical bit

classic Classic list List threaded Threaded
8 messages Options
ilf
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

unknown critical bit

ilf
With current GnuPG, I get an error with a specific key:

% gpg --version
gpg (GnuPG) 2.1.19
libgcrypt 1.7.6
<snip>

% mkdir test; cd test # new empty GnuPG homedir

% gpg --homedir=. --recv 631EFC0642A8D5D22C52FBA0E62E990F36377134
gpg: keybox '/home/user/test/pubring.kbx' created
gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
gpg: /home/user/test/trustdb.gpg: trustdb created
gpg: key E62E990F36377134: public key "Dan Blah Meredith (This is my current primary key. This replaces my old key ID 1024D/0x9C1BDFB4.)" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

% gpg --homedir=. --recv 631EFC0642A8D5D22C52FBA0E62E990F36377134
gpg: WARNING: unsafe permissions on homedir '/home/user/bar'
gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
gpg: key E62E990F36377134: "Dan Blah Meredith (This is my current primary key. This replaces my old key ID 1024D/0x9C1BDFB4.)" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

% gpg --export-options export-minimal --export 631EFC0642A8D5D22C52FBA0E62E990F36377134 | pgpdump | grep critical | sort | uniq -c
     10         Hashed Sub: features(sub 30)(critical)(1 bytes)
     11         Hashed Sub: key expiration time(sub 9)(critical)(4 bytes)
     11         Hashed Sub: key flags(sub 27)(critical)(1 bytes)
     11         Hashed Sub: signature creation time(sub 2)(critical)(4 bytes)

The "critical" bit is defined in
https://tools.ietf.org/html/rfc4880#section-5.2.3.1

In GnuPG, this is caused in
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/sig-check.c;hb=refs/heads/master#l473

But both my OpenPGP *and* GnuPG skills fail me at that point.

Can someone help me understand why this is failing?

Thanks!

--
ilf

Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
                -- Eine Initiative des Bundesamtes für Tastaturbenutzung

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Neal H. Walfield
Hi Ilf,

The subpacket signature that includes the unhandled critical bit is in
a signature's hashed area.  The contents are:

0x02 0x9d 0x00 0x05 0x82 0x57 0xb3 0xd3 0xa0
^    ^    ^    ^
|    |    |    subpacket #2, length = 5
|    |    "No reason specified"
|    type = 29 (reason for revocation), critical (high bit = 1)
subpacket #1, length = 2

In other words, we have a well-formed "reason for revocation"
subpacket (see page 24-25 of RFC 4880).

Looking at can_handle_critical in parse-packet.c, we see that
SIGSUBPKT_REVOC_REASON is not considered to be supported with respect
to the critical bit.

Examining a few gpg revocation generated packets, it looks like gpg
doesn't set the critical bit on these subpackets (look for
"revocation" in the output of sed 's/^://' | pgpdump).  So, I'm
guessing that these revocation signatures were probably generated by
some other software.

HTH,

:) Neal

At Sun, 2 Apr 2017 15:53:13 +0200,
ilf wrote:

>
> [1  <multipart/signed (7bit)>]
> [1.1  <text/plain; utf-8 (quoted-printable)>]
> With current GnuPG, I get an error with a specific key:
>
> % gpg --version
> gpg (GnuPG) 2.1.19
> libgcrypt 1.7.6
> <snip>
>
> % mkdir test; cd test # new empty GnuPG homedir
>
> % gpg --homedir=. --recv 631EFC0642A8D5D22C52FBA0E62E990F36377134
> gpg: keybox '/home/user/test/pubring.kbx' created
> gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
> gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
> gpg: /home/user/test/trustdb.gpg: trustdb created
> gpg: key E62E990F36377134: public key "Dan Blah Meredith (This is my current primary key. This replaces my old key ID 1024D/0x9C1BDFB4.)" imported
> gpg: no ultimately trusted keys found
> gpg: Total number processed: 1
> gpg:               imported: 1
>
> % gpg --homedir=. --recv 631EFC0642A8D5D22C52FBA0E62E990F36377134
> gpg: WARNING: unsafe permissions on homedir '/home/user/bar'
> gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
> gpg: assuming bad signature from key E62E990F36377134 due to an unknown critical bit
> gpg: key E62E990F36377134: "Dan Blah Meredith (This is my current primary key. This replaces my old key ID 1024D/0x9C1BDFB4.)" not changed
> gpg: Total number processed: 1
> gpg:              unchanged: 1
>
> % gpg --export-options export-minimal --export 631EFC0642A8D5D22C52FBA0E62E990F36377134 | pgpdump | grep critical | sort | uniq -c
>     10         Hashed Sub: features(sub 30)(critical)(1 bytes)
>     11         Hashed Sub: key expiration time(sub 9)(critical)(4 bytes)
>     11         Hashed Sub: key flags(sub 27)(critical)(1 bytes)
>     11         Hashed Sub: signature creation time(sub 2)(critical)(4 bytes)
>
> The "critical" bit is defined in
> https://tools.ietf.org/html/rfc4880#section-5.2.3.1
>
> In GnuPG, this is caused in
> https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/sig-check.c;hb=refs/heads/master#l473
>
> But both my OpenPGP *and* GnuPG skills fail me at that point.
>
> Can someone help me understand why this is failing?
>
> Thanks!
>
> --
> ilf
>
> Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
> -- Eine Initiative des Bundesamtes für Tastaturbenutzung
> [1.2 signature.asc <application/pgp-signature (7bit)>]
> Good signature from 153FE398821C8394 ilf <[hidden email]> created at 2017-04-02T15:53:13+0200 using RSA
> [2  <text/plain; us-ascii (7bit)>]
> _______________________________________________
> Gnupg-devel mailing list
> [hidden email]
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Werner Koch

> Looking at can_handle_critical in parse-packet.c, we see that
> SIGSUBPKT_REVOC_REASON is not considered to be supported with respect
> to the critical bit.

That is the first time such an issue was reported.  I am a bit taken
aback to learn that this implementation did not test against gpg.
Anyway, I just committed

    gpg: Handle critical marked 'Reason for Revocation'.
   
    * g10/parse-packet.c (can_handle_critical): Add
    SIGSUBPKT_REVOC_REASON.
    --
   
    Some software seems to mark that subpacket as criticial.  Although gpg
    has no special treatment for a revocation reasons (except for
    --list-packets) we can accept a criticial marked anyway.  There are no
    mandatary rules specified on how to handle a revocation reason.

to master to go into 2.1.20.


Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

attachment0 (233 bytes) Download Attachment
ilf
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

ilf
Werner Koch:
> That is the first time such an issue was reported.  I am a bit taken
> aback to learn that this implementation did not test against gpg.

Apparently, that implementation is OpenKeychain of Vincent in Cc.

> Anyway, I just committed

Thanks!

--
ilf

Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
                -- Eine Initiative des Bundesamtes für Tastaturbenutzung

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Vincent Breitmoser
Hi,

thanks for bringing this to our attention!  Interesting that this never
came up before.  We do indeed set the critical flag for the reason for
revocation subpacket, for no good reason.

A related question came up when we looked at our implementation: We set
the reason as NO_REASON, with an empty string. Dominik says he included
the packet for compatibility reasons, but we can't remember the
specifics at this point.

We could now either set the flag to false, or drop the subpacket
altogether. I have no strong preference, would probably just drop the
critical bit to change as little as necessary. Any thoughts?

 - V

ilf([hidden email])@Wed, Apr 05, 2017 at 09:41:51PM +0200:

> Werner Koch:
> > That is the first time such an issue was reported.  I am a bit taken
> > aback to learn that this implementation did not test against gpg.
>
> Apparently, that implementation is OpenKeychain of Vincent in Cc.
>
> > Anyway, I just committed
>
> Thanks!
>
> --
> ilf
>
> Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
> -- Eine Initiative des Bundesamtes für Tastaturbenutzung



_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Werner Koch
On Thu,  6 Apr 2017 16:11, [hidden email] said:

> A related question came up when we looked at our implementation: We set
> the reason as NO_REASON, with an empty string. Dominik says he
> included

GnuPG does the same for the revocation certs created with the key.  In
interactive mode the user is asked for a reason and an optional
description.

> the packet for compatibility reasons, but we can't remember the
> specifics at this point.

To support v3 keys.

> We could now either set the flag to false, or drop the subpacket
> altogether. I have no strong preference, would probably just drop the
> critical bit to change as little as necessary. Any thoughts?

That would certainly be helpful.


Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

attachment0 (233 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Dominik Schuermann
To keep the information flow between the projects: This has been fixed
in OpenKeychain v4.3.

Ref:
https://github.com/open-keychain/open-keychain/commit/005f93a4f30a9505093271554a8e7ab79011ace0

Thanks again for pointing this out.

Cheers
Dominik

On 04/06/2017 07:32 PM, Werner Koch wrote:

> On Thu,  6 Apr 2017 16:11, [hidden email] said:
>
>> A related question came up when we looked at our implementation: We set
>> the reason as NO_REASON, with an empty string. Dominik says he
>> included
>
> GnuPG does the same for the revocation certs created with the key.  In
> interactive mode the user is asked for a reason and an optional
> description.
>
>> the packet for compatibility reasons, but we can't remember the
>> specifics at this point.
>
> To support v3 keys.
>
>> We could now either set the flag to false, or drop the subpacket
>> altogether. I have no strong preference, would probably just drop the
>> critical bit to change as little as necessary. Any thoughts?
>
> That would certainly be helpful.
>
>
> Salam-Shalom,
>
>    Werner
>
>
>
> _______________________________________________
> Gnupg-devel mailing list
> [hidden email]
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
>

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (484 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: unknown critical bit

Werner Koch
On Mon,  8 May 2017 08:43, [hidden email] said:
> To keep the information flow between the projects: This has been fixed
> in OpenKeychain v4.3.

Thanks.


Shalom-Salam,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

attachment0 (233 bytes) Download Attachment
Loading...