
Decryption of msg encrypted to expired smime certificate fails if local-user is set
Open, Normal, Public

Description

I've received an email encrypted to my expired smime certificate;
as long as the expired smime certificate is set as "local-user",
I cannot decrypt the message.

Expected behaviour: Decryption should have worked.
The error message could have been more helpful as well.

My gpgsm.conf sets an explicit encrypt-to and local-user because this
was (and possibly is) necessary for other operations to work when several smime
certificates are available, so I had

encrypt-to 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
local-user 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73

bernhard@thoe:~/tmp$ gpgsm --list-secret-key
7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
F 2A 2F 21 80 FE 51 44

           ID: 0x888E0373
          S/N: 06
       Issuer: /CN=Email CA 2010/O=Intevation GmbH/C=DE
      Subject: /CN=Bernhard Reiter/O=Intevation GmbH/C=DE
          aka: bernhard@intevation.de
     validity: 2010-06-21 08:47:43 through 2012-06-20 08:47:43
     key type: 2048 bit RSA
    key usage: digitalSignature nonRepudiation keyEncipherment
  fingerprint: 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73

Here is an excerpt from the "-vv --debug-all" output with local-user set:

LANG=C gpgsm -vv --debug-all -d file.enc

gpgsm: reading options from `/powerhome/bernhard/.gnupg/gpgsm.conf'
gpgsm: enabled debug flags: x509 mpi crypto memory cache memstat hashing assuan
gpgsm: DBG: get_keygrip for public key
gpgsm: DBG: keygrip= 66 95 BA FD 5D C5 44 8F FE 67 04 90 8F 2A 2F 21 80 FE 51 44
gpgsm: DBG: connection to agent established
gpgsm: DBG: BEGIN Certificate `target':
gpgsm: DBG: serial: 06
gpgsm: DBG: notBefore: 2010-06-21 08:47:43
gpgsm: DBG: notAfter: 2012-06-20 08:47:43
gpgsm: DBG: issuer: CN=Email CA 2010,O=Intevation GmbH,C=DE
gpgsm: DBG: subject: CN=Bernhard Reiter,O=Intevation GmbH,C=DE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint: 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
gpgsm: DBG: END Certificate
gpgsm: certificate has expired
gpgsm: (expired at 2012-06-20 08:47:43)
gpgsm: DBG: got issuer's certificate:

gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: connection to dirmngr established
gpgsm: asking dirmngr about 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
gpgsm: response of dirmngr: okay
gpgsm: certificate is good
gpgsm: DBG: got issuer's certificate:

gpgsm: DBG: gcry_pk_verify: Success
gpgsm: asking dirmngr about FE:09:86:1B:00:74:BE:A2:48:DD:99:E6:AE:7C:26:FB:6D:AC:45:03
gpgsm: response of dirmngr: okay
gpgsm: validation model used: shell
gpgsm: root certificate is good
gpgsm: asking dirmngr about 11:B9:1B:31:EE:09:E0:84:4D:25:4E:58:7A:65:CE:51:84:F3:6B:70
gpgsm: response of dirmngr: okay
gpgsm: can't sign using `7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73': Certificate expired
gpgsm: DBG: BEGIN Certificate `target':
gpgsm: DBG: serial: 06
gpgsm: DBG: notBefore: 2010-06-21 08:47:43
gpgsm: DBG: notAfter: 2012-06-20 08:47:43
gpgsm: DBG: issuer: CN=Email CA 2010,O=Intevation GmbH,C=DE
gpgsm: DBG: subject: CN=Bernhard Reiter,O=Intevation GmbH,C=DE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint: 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
gpgsm: DBG: END Certificate
gpgsm: certificate has expired
gpgsm: (expired at 2012-06-20 08:47:43)

gpgsm: NOTE: won't be able to encrypt to `7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73': Certificate expired

gpgsm --version
gpgsm (GnuPG) 2.0.19
libgcrypt 1.5.0
libksba 1.2.0

dpkg -s gpgsm
Architecture: i386
Version: 2.0.19-0kk1

Details

Version
2.0.19

Event Timeline

bernhard set Version to 2.0.19.
bernhard added a subscriber: bernhard.
werner set Due Date to Dec 31 2012, 1:00 AM.

werner, Dec 20 2012, 2:55 PM

I agree that the error message is misleading. What happens is that
gpgsm prepares the keys for the decrypt operation and does not distinguish
between decrypt and sign: In all cases where the private keys are
required, gpgsm will check that the configured signing key is usable.

We could remedy this by making this check depend on the intended
usage. However, this is a bit complicated and in any case, your
configuration is wrong. I'd rather say, learn early that your config
files need an update than fix the problem.

What about adding a hint "check your config files" to the "can't sign
using XXX" diagnostics? I don't like to change strings right now. A
diagnostic "please check your configuration (option '%s')" would
generally be useful.
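The practical consequence of the behaviour described above is that a stale fingerprint in gpgsm.conf breaks decryption, not just signing, and the diagnostic does not point at the config file. The following script is an added example (not part of this thread and not GnuPG code) that audits a gpgsm.conf for local-user / encrypt-to / default-key references whose certificates are expired or missing from the secret key list. It assumes the machine-readable `gpgsm --with-colons --list-secret-keys` record layout documented in GnuPG's doc/DETAILS (field 2 validity, field 7 expiry as yyyymmddThhmmss, fingerprint in field 10 of the following `fpr` record); the config text and colons output embedded here are constructed samples modelled on the report, and the reference date is the date of the comment above.

```python
import re
import sys
from datetime import datetime, timezone

# Constructed sample gpgsm.conf, modelled on the one in the bug report.
SAMPLE_GPGSM_CONF = """\
# gpgsm.conf (constructed sample)
encrypt-to 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
local-user 7B:EA:F9:D6:5B:5F:4A:D9:73:4A:56:07:48:F7:6C:04:88:8E:03:73
"""

# Constructed sample of `gpgsm --with-colons --list-secret-keys` output.
# Layout assumed as in GnuPG doc/DETAILS: 'crs' = secret certificate,
# field 2 = validity ('e' expired, 'u' ultimately valid), field 6/7 =
# creation/expiry as yyyymmddThhmmss; the next 'fpr' record carries the
# SHA-1 fingerprint in field 10. The second certificate is invented.
SAMPLE_COLONS = """\
crs:e:2048:1:48F76C04888E0373:20100621T084743:20120620T084743::::::::
fpr:::::::::7BEAF9D65B5F4AD9734A560748F76C04888E0373:
crs:u:2048:1:0000000000000001:20120101T000000:20140101T000000::::::::
fpr:::::::::0000000000000000000000000000000000000001:
"""

# Date of the comment this example follows; used as "now" so the
# sample audit is reproducible offline.
REFERENCE_NOW = datetime(2012, 12, 20, tzinfo=timezone.utc)

# Options that name a private key gpgsm will insist on being usable.
KEY_OPTIONS = ("local-user", "encrypt-to", "default-key")


def normalise_fpr(text):
    """Strip colons/spaces from a fingerprint and upper-case it."""
    return re.sub(r"[^0-9A-Fa-f]", "", text).upper()


def parse_conf_key_refs(conf_text):
    """Return {option: [fingerprint, ...]} for the key-naming options."""
    refs = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] in KEY_OPTIONS:
            refs.setdefault(parts[0], []).append(normalise_fpr(parts[1]))
    return refs


def parse_iso_basic(text):
    """Parse the yyyymmddThhmmss timestamps used in --with-colons output."""
    if not text:
        return None
    return datetime.strptime(text, "%Y%m%dT%H%M%S").replace(tzinfo=timezone.utc)


def parse_colons(colons_text):
    """Return {fingerprint: {"validity": str, "expires": datetime|None}}."""
    certs = {}
    pending = None
    for line in colons_text.splitlines():
        fields = line.split(":")
        if fields[0] in ("crt", "crs"):
            pending = {"validity": fields[1], "expires": parse_iso_basic(fields[6])}
        elif fields[0] == "fpr" and pending is not None:
            certs[fields[9]] = pending
            pending = None
    return certs


def find_unusable_refs(conf_text, colons_text, now=REFERENCE_NOW):
    """List (option, fingerprint, reason) for config references gpgsm cannot use."""
    problems = []
    certs = parse_colons(colons_text)
    for option, fprs in parse_conf_key_refs(conf_text).items():
        for fpr in fprs:
            cert = certs.get(fpr)
            if cert is None:
                problems.append((option, fpr, "not found in secret key list"))
            elif cert["validity"] == "e" or (cert["expires"] and cert["expires"] <= now):
                problems.append((option, fpr, "expired at %s" % cert["expires"].isoformat()))
    return problems


if __name__ == "__main__":
    # Prints one line per unusable reference, naming the offending option,
    # which is the hint the diagnostic in the report lacks.
    for option, fpr, reason in find_unusable_refs(SAMPLE_GPGSM_CONF, SAMPLE_COLONS):
        print("gpgsm.conf option '%s' refers to %s: %s" % (option, fpr, reason))
    sys.exit(0)
```

On a real system the two sample strings would be replaced by the contents of `~/.gnupg/gpgsm.conf` and the captured output of `gpgsm --with-colons --list-secret-keys`, and `now` by the current UTC time; the checks themselves do not change.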

I agree that adding a better message is helpful.
What about something along the lines that says:

"cannot sign with or decrypt with key XYZ"

and explaining:

  "even when trying to decrypt with a different key, 
  the default signature key gets checked."

Certainly it would be much better if decryption would just try to
decrypt with the available keys, no matter what status the
certificates of this or other keys have. I am worrying most about the
applications that are using GnuPG in this way; they probably will
not be able to either explain this properly to the user or offer good
assistance. The reason you give why this is done is only an implementation
artifact and not logical for a user that has learned or tries to learn
about public key cryptography.

I don't know if the decryption method was changed, but at least the "can't sign using" message appears to be unchanged yet (from looking at the source code).