Gpgsm stable: gen-key triggers bug with recent libgcrypt
Closed, ResolvedPublic

Description

On my Windows 7 (x64) machine gpgsm always crashes with the following output:

C:\Users\bboeck.GPS>gpgsm --gen-key
gpgsm (GnuPG) 2.0.28; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:

(1) RSA
(2) Existing key
(3) Existing key from card

Your selection? 1
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Possible actions for a RSA key:

(1) sign, encrypt
(2) sign
(3) encrypt

Your selection? 1
Enter the X.509 subject name: CN=Test
Enter email addresses (end with an empty line):

Enter DNS names (optional; end with an empty line):

Enter URIs (optional; end with an empty line):

Parameters to be used for the certificate request:

    Key-Type: RSA
    Key-Length: 4096
    Key-Usage: sign, encrypt
    Name-DN: CN=Test

Really create request? (y/N) y
Now creating certificate request. This may take a while ...
gpgsm: about to sign CSR for key: &91582A4FE74BB4E2FD3A4034BE86FB1890736AD0
Ohhhh jeeee: ... this is a bug (../../libgcrypt-1.6.3/cipher/md.c:809:md_read)

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

Details

Version
2.0.28
bboeck set Version to 2.0.28.
bboeck added a subscriber: bboeck.
aheinecke added a subscriber: aheinecke.

I can reproduce the Problem with gpg4win 2.2.5 and under GNU/Linux running
libgcrypt master and gnupg stable branch.

Does not happen with GnuPG master (2.1)

aheinecke renamed this task from gpgsm crash to Gpgsm stable: gen-key triggers bug with recent libgcrypt.Jul 20 2015, 9:53 AM
aheinecke raised the priority of this task from Normal to High.
aheinecke added a subscriber: werner.

As this did not happen with 2.0.27 against 1.6.3 (which was part of gpg4win
2.2.4) I ran a git bisect on gnupg:

bdf439035d123e4751e133ad42982673b0c86b75 is the first bad commit
commit bdf439035d123e4751e133ad42982673b0c86b75
Author: Werner Koch <wk@gnupg.org>
Date: Wed Mar 25 10:12:11 2015 +0100

sm: Change default algos to SHA256 (CSR) and AES128 (bulk encryption).

* sm/certreqgen.c (create_request): Change default hash algo.
* sm/gpgsm.c (main): Change default bulk cipher algo.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
aheinecke assigned this task to werner.Jul 20 2015, 11:00 AM

I had to revert the CSR part of the patch. Done with commit 35d3ced.

There a couple of problems with using aritrary hash algorithm in gpgsm. We
better solve that in master first and then decide whether it makes sense to
backport.

werner closed this task as Resolved.Jul 27 2015, 12:01 PM

Note: in 2.1 (master) this is correctly implemented.

werner reopened this task as Open.

Does this mean it would also not be possible to generate a CSR with SHA256 as
hash algo with 2.0 at all? I think I've tested this some time ago and it worked
but that might have been 2.1

I'd like to see this fixed as the change was part of the NEWS for 2.0.28 and do
we really want to have a NEWS entry like "The default hash algo for a CSR is now
SHA-1 again because we failed to get SHA-256 working"? :-p

Right. SHA-256 never worked because the CSR anyway indicated SHA-1 but signed
using SHA-256.

Note that the signing of a CSR is only there to indicate that one own the
private key. The resulting certificate may use any signing algorithm on the
discretion of the CA.

werner added a comment.Sep 9 2015, 4:12 PM

2.0.29 has been released.

werner closed this task as Resolved.Sep 9 2015, 4:12 PM
werner removed a project: Testing.