Date: Wed, 21 Feb 2001 02:42:36 -0500 (EST) From: Trevor Johnson <trevor@jpj.net> To: Holger Lamm <holger@flatline.de>, <security@freebsd.org> Subject: [CryptNET Advisory] pgp4pine-1.75-6 - expired public keys (fwd) Message-ID: <20010221024157.V23533-200000@blues.jpj.net>
index | next in thread | raw e-mail
[-- Attachment #1 --] The FreeBSD port of pgp4pine is maintained by Holger Lam, the author of the program itself. -- Trevor Johnson http://jpj.net/~trevor/gpgkey.txt ---------- Forwarded message ---------- Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.7]) by blues.jpj.net (8.11.1/8.11.1) with ESMTP id f1L0gfi19584; Tue, 20 Feb 2001 19:42:41 -0500 (EST) Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.7]) by lists.securityfocus.com (Postfix) with ESMTP id 4DE3824CF00; Tue, 20 Feb 2001 17:36:03 -0700 (MST) Received: from LISTS.SECURITYFOCUS.COM by LISTS.SECURITYFOCUS.COM (LISTSERV-TCP/IP release 1.8d) with spool id 26491137 for BUGTRAQ@LISTS.SECURITYFOCUS.COM; Tue, 20 Feb 2001 17:35:09 -0700 Approved-By: beng@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com Received: from securityfocus.com (mail.securityfocus.com [66.38.151.9]) by lists.securityfocus.com (Postfix) with SMTP id 414BA24D0E9 for <bugtraq@lists.securityfocus.com>; Tue, 20 Feb 2001 14:06:03 -0700 (MST) Received: (qmail 28537 invoked by alias); 20 Feb 2001 21:06:17 -0000 Delivered-To: BUGTRAQ@SECURITYFOCUS.COM Received: (qmail 28527 invoked from network); 20 Feb 2001 21:06:16 -0000 Received: from firewall.cog.ufl.edu (HELO cog.ufl.edu) (128.227.187.3) by mail.securityfocus.com with SMTP; 20 Feb 2001 21:06:16 -0000 Received: from igor.intranet (IDENT:vab@igor.intranet [10.10.15.100]) by cog.ufl.edu (8.9.3/8.9.3) with ESMTP id QAA11932 for <BUGTRAQ@SECURITYFOCUS.COM>; Tue, 20 Feb 2001 16:05:32 -0500 X-Sender: vab@igor.intranet MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="168453135-1374787445-982703757=:21584" Message-ID: <Pine.LNX.4.21.0102201556410.21584-200000@igor.intranet> Date: Tue, 20 Feb 2001 16:15:57 -0500 Reply-To: "V. Alex Brennen" <vab@CRYPTNET.NET> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: "V. Alex Brennen" <vab@CRYPTNET.NET> Subject: [CryptNET Advisory] pgp4pine-1.75-6 - expired public keys To: BUGTRAQ@SECURITYFOCUS.COM -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------------ CryptNET Security Advisory http://www.cryptnet.net/ Advisory Type: Privacy - Programmatic Error Synopsis: pgp4pine may fail to identify expired public keys Issue Date: 2001.02.20 Program: pgp4pine-1.75-6 - http://pgp4pine.flatline.de/ Related Programs: Gnu Privacy Guard (GnuPG) Version 1.0.4 Pine Version 4.2.1 Maintainer Response: Attempts to contact the maintainer of the pgp4pine package where unsuccessful. - ------------------------------------------------------------------------------ 1. Executive Summary pgp4pine is a program which is used to interface various PGP implementations with the popular Pine mail reading package. Version 1.75-6 of pgp4pine fails to properly identify expired keys when working with the Gnu Privacy Guard program (GnuPG). This failure may result in the transmission of sensitive information in clear text across the network. 2. Problem Description Version 1.75-6 of pgp4pine does not include code to check if public keys are expired when loading keys from the GnuPG openPGP implementation. If a user has an expired public key in their keyring and attempts to encrypt a message to a recipient with that expired public key, pgp4pine will fail to recognize that the key is expired. pgp4pine will then issue a command to GnuPG to encrypt the email message with the expired key. The encryption will not be successful, GnuPG will return an error message due to the invalid key. pgp4pine will not detect the error which occurred when encrypting the text and will return program flow control to Pine. Pine will then transmit the message in the clear. No notice that an error occurred will be provided to the user by pgp4pine. To duplicate the error on the command line: bash$ pgp4pine -e -i /tmp/in.tmp -o /tmp/out.tmp -r (*R) * Where R is a recipient with an expired public key in your keyring. 3. Solution A patch, written by V. Alex Brennen, has been provided with this advisory. The patch consists of code modifications which allow pgp4pine to recognize and ignore expired keys when working with GnuPG. 4. About This Advisory This advisory was produced as part of the CryptNET Free Cryptography Auditing Project. CryptNET is a group working on the development of Free Software cryptographic solutions. As part of its mission, CryptNET has undertaken The Free Cryptography Auditing Project. The project is an effort to audit some of the more popular free software cryptographic programs licensed under the GNU General Public License. If you would like to become involved in this project, please see the CryptNET web site. John Sheehy, an IBM certified specialist with e-techservices.com (http://www.e-techservices.com/), assisted with the discovery and identification of this bug. - ------------------------------------------------------------------------------ [ENC: Patch] - ------------------------------------------------------------------------------ diff -urN pgp4pine-1.75/pgp4pine/keyrings.c vab.pgp4pine-1.75/pgp4pine/keyrings.c - --- pgp4pine-1.75/pgp4pine/keyrings.c Fri Aug 18 09:24:45 2000 +++ vab.pgp4pine-1.75/pgp4pine/keyrings.c Mon Feb 12 21:03:09 2001 @@ -449,22 +449,36 @@ if (strchr(buf,':') != NULL) { strncpy(keyType,getItem(buf,':',1),3); lineType = 0; - - if (strcmp(keyType,"sec") == 0) lineType = 1; /* secret line... */ - - if (strcmp(keyType,"pub") == 0) lineType = 2; /* public key */ - - if (strcmp(keyType,"uid") == 0) lineType = 4; /* user id */ - - + /* + The letter e in the second field of the colon delimited GnuPG + output denotes that gpg asserts that the trust on this item + has expired (perhaps as the result of an expired openPGP type + 0x13 or 0x18 signature packet). If this line denotes a public + key, GnuPG will not function with this key. So, we should + return with out adding it to the list. We shouldn't check + expiration ourselves because GnuPG is the final authority. + - V. Alex Brennen, CryptNET FCAP [http://www.cryptnet.net/] + 2001.02.13.01.13.47 + */ + strncpy(tmpString,getItem(buf,':',2),1); + if (strcmp(tmpString,"e") == 0) lineType = -1; /* Line w/ expired trust */ + else if (strcmp(keyType,"sec") == 0) lineType = 1; /* secret line... */ + else if (strcmp(keyType,"pub") == 0) lineType = 2; /* public key */ + else if (strcmp(keyType,"uid") == 0) lineType = 4; /* user id */ + if (lineType == 1) inSec = 1; - - if (lineType == 2) inSec = 0; + else if (lineType == 2) inSec = 0; switch (lineType) { case 1: case 2: if (lineType == 2 && getSecretOnly) break; + myNewKey = (struct pkiKey *) myMalloc(sizeof(pkiKeyStruct)); if (firstKey == NULL) firstKey = myNewKey; if (oldKey != NULL) oldKey->nextKey = myNewKey; oldKey = myNewKey; - - + /* next, key size... */ strncpy(tmpString,getItem(buf,':',3),KEY_SIZE_LENGTH); strncpy(myNewKey->keySize,tmpString,KEY_SIZE_LENGTH); @@ -523,6 +537,8 @@ strncpy(myNewKey->emailAddress,extractEmailAddress(tmpString),EMAIL_ADDRESS_MAX_LENGTH); } break; + default: + break; } } } - ------------------------------------------------------------------------------ End CryptNET Advisory - ------------------------------------------------------------------------------ - --- V. Alex Brennen [vab@cryptnet.net] F A R B E Y O N D D R I V E N ! [ http://www.cryptnet.net/ ] 0EC8 B0E3 052D FC4C 208F 76EB FA92 0973 992A 4B3F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Made with pgp4pine 1.75-6 iD8DBQE6kt6h+pIJc5kqSz8RAnKgAJ0T9mpnZgSM3Fh3EszThayvags90ACfQs9G hgWgYK1IrWbrkFdBYYgpQfg= =wCgO -----END PGP SIGNATURE----- [-- Attachment #2 --] diff -urN pgp4pine-1.75/pgp4pine/keyrings.c vab.pgp4pine-1.75/pgp4pine/keyrings.c --- pgp4pine-1.75/pgp4pine/keyrings.c Fri Aug 18 09:24:45 2000 +++ vab.pgp4pine-1.75/pgp4pine/keyrings.c Mon Feb 12 21:03:09 2001 @@ -449,22 +449,36 @@ if (strchr(buf,':') != NULL) { strncpy(keyType,getItem(buf,':',1),3); lineType = 0; - if (strcmp(keyType,"sec") == 0) lineType = 1; /* secret line... */ - if (strcmp(keyType,"pub") == 0) lineType = 2; /* public key */ - if (strcmp(keyType,"uid") == 0) lineType = 4; /* user id */ - + /* + The letter e in the second field of the colon delimited GnuPG + output denotes that gpg asserts that the trust on this item + has expired (perhaps as the result of an expired openPGP type + 0x13 or 0x18 signature packet). If this line denotes a public + key, GnuPG will not function with this key. So, we should + return with out adding it to the list. We shouldn't check + expiration ourselves because GnuPG is the final authority. + - V. Alex Brennen, CryptNET FCAP [http://www.cryptnet.net/] + 2001.02.13.01.13.47 + */ + strncpy(tmpString,getItem(buf,':',2),1); + if (strcmp(tmpString,"e") == 0) lineType = -1; /* Line w/ expired trust */ + else if (strcmp(keyType,"sec") == 0) lineType = 1; /* secret line... */ + else if (strcmp(keyType,"pub") == 0) lineType = 2; /* public key */ + else if (strcmp(keyType,"uid") == 0) lineType = 4; /* user id */ + if (lineType == 1) inSec = 1; - if (lineType == 2) inSec = 0; + else if (lineType == 2) inSec = 0; switch (lineType) { case 1: case 2: if (lineType == 2 && getSecretOnly) break; + myNewKey = (struct pkiKey *) myMalloc(sizeof(pkiKeyStruct)); if (firstKey == NULL) firstKey = myNewKey; if (oldKey != NULL) oldKey->nextKey = myNewKey; oldKey = myNewKey; - + /* next, key size... */ strncpy(tmpString,getItem(buf,':',3),KEY_SIZE_LENGTH); strncpy(myNewKey->keySize,tmpString,KEY_SIZE_LENGTH); @@ -523,6 +537,8 @@ strncpy(myNewKey->emailAddress,extractEmailAddress(tmpString),EMAIL_ADDRESS_MAX_LENGTH); } break; + default: + break; } } }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010221024157.V23533-200000>