when verifying signatures, gpg and gpgv should ensure signing capabilities
Closed, Resolved · Public

Description

https://dev.gnupg.org/rG1a5d95e7319e7e6f0dd11064a26cbbc371b05214

introduces this comment:

/* Fixme: Should we also check the signing capability here for data
 * signature?  */

The answer is clearly "yes, we should".

The only thing that prevents a stolen encryption-capable subkey from being misused as a signing key at the moment is the missing cross-certification from the parent primary key.

Even the error messages are currently misleading, because they refer to the subkey as a "signing key", which it is not. Below is an example transcript from which it should be possible to recreate the errors.

0 tester@host$ gpg --with-subkey-fingerprint --list-keys
/tmp/tester/pubring.kbx
--------------------------------
pub   rsa3072 2018-06-08 [SC] [expires: 2020-06-07]
      0921969A56F420AF90E6663A79AB2899CEAF2EF0
uid           [ultimate] bananas
sub   rsa3072 2018-06-08 [E]
      3CEA0FC885E0919E89099CFABA0D05488E06702C

0 tester@host$ cat test.txt 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

this is a test
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEPOoPyIXgkZ6JCZz6ug0FSI4GcCwFAlsbAXwACgkQug0FSI4G
cCymWQv+OK9DvOG8IANPcsY31/7bKZrGGHX4mtPi3ZAziOFgf6zv7HkD6jLiBXHE
2ubbFAXpdNBRVucz5WnWCTe9DzXmZ1PDiFz45Yg2M8pd5BQrM2l9xikctz3tejgm
MamWTWhBjY13yPnI/C27qXrgRVwNg4YHYfKBjAFf7VErOyL/SdJfUhW6WBBlAdEO
1SO+EQL+Rbu1sIVP2/bYo/vDzoHdF2llO71hQ7B0ZT0sWBp/GlDxqfDtKPp0Uv4o
YkRKdJ0oOygYSXTM9B0IHfeOyOpqLCTk2thutpO/zKn+EiHHK+Pk7NUSvbCED1As
YDw+d1c4nfSDpCECMYJ64+burtHeAJeHBVKtj+5VYsq39xniaMOHLxDTz7TXSsA3
Al2o6N9ikw/Cufc4vwS6ASkYEVjszmS9K4Bb0ZJD7BS02UDaGX529fQT6SGwNEyp
QGAa71npy6lCo/70wIePdik+WRWRrZ8SVJ2Jf0/tvcF+3MUgBC8OM94V6JD+Lx/y
Ikymub8E
=lVTR
-----END PGP SIGNATURE-----
0 tester@host$ gpg --export --armor
-----BEGIN PGP PUBLIC KEY BLOCK-----
-----END PGP PUBLIC KEY BLOCK-----
0 tester@host$ gpg --verify test.txt 
gpg: Signature made Fri 08 Jun 2018 06:21:48 PM EDT
gpg:                using RSA key 3CEA0FC885E0919E89099CFABA0D05488E06702C
gpg: WARNING: signing subkey BA0D05488E06702C is not cross-certified
gpg: please see https://gnupg.org/faq/subkey-cross-certify.html for more information
gpg: Can't check signature: General error
2 tester@host$ gpg --no-require-cross-certification --verify test.txt 
gpg: Signature made Fri 08 Jun 2018 06:21:48 PM EDT
gpg:                using RSA key 3CEA0FC885E0919E89099CFABA0D05488E06702C
gpg: WARNING: signing subkey BA0D05488E06702C is not cross-certified
gpg: please see https://gnupg.org/faq/subkey-cross-certify.html for more information
gpg: Good signature from "bananas" [ultimate]
0 tester@host$
dkg created this task. Jun 9 2018, 12:33 AM
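
The check the report asks for can also be made on the caller's side. The following is an added example, not part of the original report and not GnuPG code: it reads a `VALIDSIG` status line and confirms that the key which made the signature carries the signing capability in `gpg --with-colons --list-keys` output. The sample inputs are constructed from the fingerprints in the transcript above; key creation times and algorithm fields are made up, and the function names are hypothetical.

```python
# Added example, not GnuPG code. Sample inputs are constructed from the
# fingerprints in the transcript; key timestamps and algorithm ids are made up.
SAMPLE_COLONS = """\
pub:u:3072:1:79AB2899CEAF2EF0:1528495000:1591567000::u:::scESC:
fpr:::::::::0921969A56F420AF90E6663A79AB2899CEAF2EF0:
uid:u::::1528495000::::bananas:
sub:u:3072:1:BA0D05488E06702C:1528495000::::::e:
fpr:::::::::3CEA0FC885E0919E89099CFABA0D05488E06702C:
"""
SAMPLE_STATUS = """\
[GNUPG:] GOODSIG BA0D05488E06702C bananas
[GNUPG:] VALIDSIG 3CEA0FC885E0919E89099CFABA0D05488E06702C 2018-06-08 1528496508 0 4 0 1 10 01 0921969A56F420AF90E6663A79AB2899CEAF2EF0
"""

def key_capabilities(colon_listing):
    """Map each key fingerprint to the capability letters of that exact key."""
    caps, pending = {}, None
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub") and len(f) > 11:
            pending = f[11]                  # field 12: key capabilities
        elif f[0] == "fpr" and pending is not None and len(f) > 9:
            caps[f[9].upper()] = pending     # field 10: fingerprint of that key
            pending = None
    return caps

def signer_may_sign(status_output, colon_listing):
    """Return [(fingerprint, has_signing_capability)] for every VALIDSIG line."""
    caps = key_capabilities(colon_listing)
    results = []
    for line in status_output.splitlines():
        parts = line.split()
        if parts[:2] == ["[GNUPG:]", "VALIDSIG"] and len(parts) > 2:
            fpr = parts[2].upper()           # key that actually made the signature
            # Lower-case 's' is the usage of this key itself. Upper-case letters
            # on a pub record summarise the whole certificate and do not count.
            # A fingerprint missing from the listing is treated as not capable.
            results.append((fpr, "s" in caps.get(fpr, "")))
    return results

if __name__ == "__main__":
    for fpr, ok in signer_may_sign(SAMPLE_STATUS, SAMPLE_COLONS):
        print(fpr, "signing-capable" if ok else "REJECT: key lacks signing capability")
```
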
stm added a subscriber: stm. Jun 19 2018, 9:45 PM
werner closed this task as Resolved. Jul 4 2018, 9:10 AM
werner claimed this task.
werner added a subscriber: werner.

Fix will also go into 2.2.9

werner reopened this task as Testing. Oct 8 2018, 4:26 PM
werner added a project: backport.

The fix was not fully correct because it considered a back signature's usage tool.

dkg added a comment. Oct 8 2018, 5:07 PM

What does "back signature's usage tool" mean? Can we make an addition to the test suite that ensures that bad signatures will be rejected?

Editor fault. The browser's editor is not like Emacs and here on my laptop the backspace key does not work as intended. I guess I was about to write ".. a back signature's usage flag".

Patches to the test suite are welcome.

werner closed this task as Resolved.