Authenticating with OpenPGP certificates with primary keys marked S2K_GNU_EXT fails
Sean Buckheister
s_buckhe at cs.uni-kl.de
Mon Jan 30 06:31:07 CET 2012
Hello,
today I stumbled across a (from my point of view) major problem with
OpenPGP certificate handling: it doesn't work when a certificate has no
private keying material in it's primary key.
Apparently, the ability to read such keys was added to the library in
late 2008 [0], but only the loader was touched. Loading such a key fails
when used for TLS authentication, even when there is at least one
unencrypted, active subkey with Sign/Authenticate capabilities.
I managed to narrow the problem down to the privkey-copy operation that
stores a user-supplied private key into a certificate credentials
structure. To copy that private key, it is first exported from it's
internal representation, then reloaded into a new and distinct internal
representation attached to the credentials struct. The exporter however
does not correctly export the primary key the loader once found, and
thus the next loader will fail to load the key.
The codepath that leads to this in my case is
gnutls_certificate_set_openpgp_key
gnutls_privkey_import_openpgp (... GNUTLS_PRIVKEY_IMPORT_COPY)
_gnutls_openpgp_privkey_cpy
This method does the export/importing. Export works, import doesn't:
gnutls_openpgp_privkey_import
cdk_kbnode_read_from_mem
cdk_keydb_get_keyblock
cdk_pkt_read
This will find an exported CDK_PKT_SECRET_SUBKEY packet, but with wrong S2K.
read_secret_subkey
read_secret_key
This finally fails, reading the S2K. Somehow the packet gets shortened
by two bytes during export. This is due to the exporter not knowing
about S2K_GNU_EXT, telling it how long one of those S2Ks is fixes the
problem nicely. A patch that does this (three lines in total, but about
a day worth of digging through code) is attached.
-- Sean
[0] http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: s2k.patch
Type: text/x-patch
Size: 432 bytes
Desc: not available
URL: </pipermail/attachments/20120130/2016b1af/attachment.bin>
More information about the Gnutls-devel
mailing list