Possible bug when decrypting CryptoEx data?

Holger Sesterhenn Holger.Sesterhenn at aachen.utimaco.de
Mon Jul 28 20:51:02 CEST 2003


Hi,

(using GnuPG 1.2.2, linux)

I have done some research on my problems decrypting mails which are created
by CryptoEx 2.1.11.1 (see message in gnupg-users last week).

These files are signed and encrypted and look a little bit different from
the files created by GnuPG:
---------------------------------
gpg: 3DES encrypted data
:signature packet: algo 17, keyid 19B49CC51236DD1D
        version 3, created 1059126342, md5len 5, sigclass 00
        digest algo 2, begin of digest 0c 48
        data: [160 bits]
        data: [160 bits]
:compressed packet: algo=1
:literal data packet:
        mode t, created 0, name="",
        raw data: 61 bytes
gpg: original file name=''
Testmail...
---------------------------------

On line 1623 of mainproc.c the field 'have_data' of the 'mainproc_context'
'c' is false after processing the above packets. Although there is
obvoiusly data included (the plaintext: 'Testmail...') GnuPG presumes this
is a detached signature.

A signed and encrypted datafile created by GnuPg itself include these packets:
---------------------------------------
gpg: TWOFISH encrypted data
:compressed packet: algo=2
:onepass_sig packet: keyid FCBEF72981234710
        version 3, sigclass 00, digest 2, pubkey 17, last=1
:literal data packet:
        mode b, created 1038341542, name="",
        raw data: 377 bytes
[...data...]
gpg: original file name=''
:signature packet: algo 17, keyid FCBEF72981234710
        version 3, created 1038341542, md5len 5, sigclass 00
        digest algo 2, begin of digest 90 4f
        data: [160 bits]
        data: [160 bits]
---------------------------------------

Well, there are some interesting comments in the source files about the
different order of packets created by PGP but nothing about CryptoEx.

I am not that familiar with the RFC to say why the structure created by
CryptoEx should violate RFC2440.

It is obvious that CryptoEx seems to violate RFC2440 by creating cleartext
signed messages with no 'Hash:' line and using SHA1 instead of MD5. GnuPG
emits an error message but PGP verfies these messages OK! Maybe time for
another flag (--CryptoEx)?

Best Regards,

Holger Sesterhenn
--
mailto:Holger.Sesterhenn at aachen.utimaco.de
Internet   http://www.utimaco.com




More information about the Gnupg-devel mailing list