[9891] in cryptography@c2.net mail archive


Re: wu-ftpd-2.6.2 fails GPG & PGP2 signature verifications, passes PGP6!

daemon@ATHENA.MIT.EDU (David Shaw)
Sun Dec 2 20:01:42 2001

Date: Sun, 2 Dec 2001 02:56:59 -0500
From: David Shaw <dshaw@jabberwocky.com>
To: hugh@xisp.net
Cc: wuftpd-members@wu-ftpd.org, jon@lasser.org,
	cryptography@wasabisystems.com, vuldb@securityfocus.com, wk@gnupg.org
Message-ID: <20011202025659.C17242@akamai.com>
Mail-Followup-To: hugh@xisp.net, wuftpd-members@wu-ftpd.org,
	jon@lasser.org, cryptography@wasabisystems.com,
	vuldb@securityfocus.com, wk@gnupg.org
In-Reply-To: <200112011114.fB1BEGL06689@road.xisp.net>; from hugh@road.xisp.net on Sat, Dec 01, 2001 at 03:14:11AM -0800

On Sat, Dec 01, 2001 at 03:14:11AM -0800, Hugh Daniel wrote:
>   UPDATE:  My email below is suspect in that I was finally able to get
> a 'valid signature' result using pgp-6.5.8, but one that had been
> installed from an RPM and not source (to my knowledge the 'matching'
> source fails to compile still) and thus I myself do not place much
> trust in that version of PGP.
>
>   There is still a huge problem here, but now more with PGP, as simple
> file signature validations should NOT be failing across different
> versions of the horrid PGP/GPG/OpenPGP mess.
>
>   Frankly, I am at a bit of a loss as to a reasonable course of action
> in this case.  I don't trust any of the pieces at this point and thus
> none of the results.  I guess I will just turn off wu-FTP on any
> servers I have and hope for a better day...

The immediate problem is in the signature:

:signature packet: algo 1, keyid 0ECD082462885875
        version 3, created 1007126392, md5len 5, sigclass 01
        digest algo 1, begin of digest ea 0d
        data: [1024 bits]

Note the sigclass.  Sigclass 0x01 means "signature on a canonical TEXT
document".  The signature is calculated after changing the end-of-line
characters to CRLF, and stripping trailing blanks.

The wu-ftpd tarball is certainly not text, and as such, seems to be
causing problems with the text canonicalization code in at least one
of the programs.  Basically, PGP 6.5.8, PGP 2.6.3i, and GnuPG 1.0.6
are canonicalizing this "text" differently.  It's nearly 3am here, so
I'm not going to delve into which is correct. ;)

After running a few experiments, I was able to successfully verify the
signature with GnuPG by modifying the text canonicalization code (this
doesn't mean the problem is in GnuPG - just that I'm more familiar
with it, so it was easier for me to test with).  I'm not surprised the
signature verified correctly with PGP 6, as it was made with PGP 6 in
the first place.

In any event, since the wu-ftpd tarball is certainly not text, a
signature on a binary document (sigclass 0x00) would avoid all these
problems and would likely verify without any difficulty.  To do this,
the signer needs to remove "TextMode" or "-t" from their PGP
configuration.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

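The following Python is an added illustration, not code from David's message or from any of the PGP/GnuPG code bases: it models the two text-mode (sigclass 0x01) canonicalization steps described above (CRLF line endings, and optionally stripping trailing blanks) and shows that feeding binary bytes through either one changes what the MD5 digest (digest algo 1) is computed over, whereas a binary-mode (sigclass 0x00) signature hashes the file untouched. The sample bytes, the two-line packet listing and the "looks binary" heuristic in text_mode_mismatch are constructed assumptions for this example.

```python
import hashlib
import re

SIGCLASS_BINARY = 0x00  # signature on a binary document
SIGCLASS_TEXT = 0x01    # signature on a canonical text document

# Constructed stand-in for a gzip'd tarball: CR, LF, CRLF and trailing blanks,
# the very bytes that text-mode canonicalization rewrites.
BINARY_SAMPLE = b"\x1f\x8b\x08\x00 \r\n\x00\n \t\n\xff\r"
# First lines of the packet dump quoted in the message (constructed listing).
LISTING = """:signature packet: algo 1, keyid 0ECD082462885875
        version 3, created 1007126392, md5len 5, sigclass 01"""

def canonicalize_crlf(data: bytes) -> bytes:
    """Rewrite every line ending (LF, CR or CRLF) as CRLF."""
    return data.replace(b"\r\n", b"\n").replace(b"\r", b"\n").replace(b"\n", b"\r\n")

def canonicalize_crlf_strip(data: bytes) -> bytes:
    """CRLF rewrite plus stripping of trailing spaces/tabs (the second text-mode step)."""
    lines = data.replace(b"\r\n", b"\n").replace(b"\r", b"\n").split(b"\n")
    return b"\r\n".join(line.rstrip(b" \t") for line in lines)

def hashed_input(data: bytes, sigclass: int, strip_blanks: bool = False) -> bytes:
    """The bytes a verifier feeds to the digest for the given sigclass."""
    if sigclass == SIGCLASS_BINARY:
        return data  # binary mode: the file is hashed exactly as-is
    if sigclass == SIGCLASS_TEXT:
        return canonicalize_crlf_strip(data) if strip_blanks else canonicalize_crlf(data)
    raise ValueError(f"unsupported sigclass 0x{sigclass:02x}")

def md5_hex(data: bytes) -> str:
    """Digest algo 1 in the dump is MD5; hash what the verifier would see."""
    return hashlib.md5(data).hexdigest()

def sigclass_from_listing(listing: str) -> int:
    """Extract the sigclass from gpg --list-packets style output."""
    m = re.search(r"sigclass\s+([0-9a-fA-F]{2})", listing)
    if m is None:
        raise ValueError("no sigclass found in listing")
    return int(m.group(1), 16)

def text_mode_mismatch(listing: str, data: bytes) -> bool:
    """True when a text-mode (0x01) signature covers data that looks binary (assumed: NUL or byte > 0x7f)."""
    is_binary = b"\x00" in data or any(b > 0x7F for b in data)
    return sigclass_from_listing(listing) == SIGCLASS_TEXT and is_binary

if __name__ == "__main__":
    for sc, strip in ((SIGCLASS_BINARY, False), (SIGCLASS_TEXT, False), (SIGCLASS_TEXT, True)):
        print(f"sigclass {sc:02x} strip={strip} md5={md5_hex(hashed_input(BINARY_SAMPLE, sc, strip))}")
    print("text-mode signature on binary data:", text_mode_mismatch(LISTING, BINARY_SAMPLE))
```

The three printed digests differ, which is exactly the cross-implementation disagreement the thread observes; only the binary-mode digest is independent of which canonicalization rule a verifier applies.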



---------------------------------------------------------------------
The Cryptography Mailing List
