Page MenuHome GnuPG

TheParanoidProgrammer (Florian Schwalm)
User

Projects

User does not belong to any projects.

User Details

User Since
Jan 16 2022, 10:20 PM (114 w, 4 d)
Availability
Available

Recent Activity

Feb 28 2022

TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

do you mean "dirmngr on Windows choses this one"? As in my mental model, dirmngr only loads all certifices from the windows stores on startup, but not during operations when requests come in (I maybe wrong though, I did not inspect the source code on this).

Feb 28 2022, 12:35 PM · gnupg (gpg22), dirmngr
TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

But in Windows 10 I get nothing in the certs.log file.

Feb 28 2022, 12:20 PM · gnupg (gpg22), dirmngr

Feb 24 2022

TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

Ok, I managed to find 48504E974C0DAC5B5CD476C8202274B24C8C7172 via Powershell. It was in the CA store of my non-privileged user and since I always checked the certificate store as administrator it did not show up there. After removal of this intermediate certificate I am able to use hkps://keyserver.ubuntu.com.

Feb 24 2022, 10:43 PM · gnupg (gpg22), dirmngr
TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

Ok, so order of loading is not a problem since the cache does not store them by insertion order, but instead indexes them by the first byte of their fingerprint.
So, I think the problem here is that the expired intermediate certificate (48504E974C0DAC5B5CD476C8202274B24C8C7172) is somehow loaded in Windows and since its fingerprint's first byte is less than the server-supplied intermediate (A053375BFE84E8B748782C7CEE15827A6AF5A405) Windows chooses this one. I can see that the expired intermediate certificate is indeed loaded on Windows if I increase verbosity of dirmngr logs. However, I am still unsure where this certificate lives. The log says it comes from the "CA" store, but searching for it visually or by fingerprint search in Windows Certificates Snap-In (MMC) does not let me find it.
I will keep looking, but if you want to reproduce in your VMs, I suppose adding the expired intermediate certificate and the expired root certificate to the system store should make this reproducible.

Feb 24 2022, 10:26 PM · gnupg (gpg22), dirmngr
TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

On a side note, it turns out that Ubuntu Maintainers ship gpg with GnuTLS dynamically linked, so that's why I went down that road first. I compiled gpg from source for Ubuntu with ntbtls for further tests. Interesting insight is that find_cert_bysubject returns different certificates on first try on my Ubuntu Machine compared to my Windows 10 Machine:

Feb 24 2022, 1:06 AM · gnupg (gpg22), dirmngr

Feb 23 2022

TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

Ok, I may see three potential problems in dirmngr->validate.c->validate_cert_chain(), but it may also be my limited familiarity with the gnupg source.

  • Here we leave the certificate validation loop at the first trusted root certificate, even if it is expired as we only mark this fact for later evaluation.
  • Here we seem to only ever go up the chain, never sideways as is the case in the original patch for this bug.
  • And probably most impactful, here we fail the whole validation if any of the previously checked certificates is expired, so that even if we would fix the second point by checking sibling certificates, we would still get an overall failure.
Feb 23 2022, 10:18 PM · gnupg (gpg22), dirmngr
TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

What I wonder is: In a number of tests in our machines (mostly virtual machines), the TLS access to keyserver.ubuntu.com does work. I have yet to see a VM where it does not. So there must be a difference.

Feb 23 2022, 9:37 PM · gnupg (gpg22), dirmngr
TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

Not a solution yet, but some more insights.
Starting from @NoSubstitute 's log output and from @bernhard 's statement that we use ntbTLS I verified that my dirmngr.exe was indeed compiled with NTBTLS 0.2.0. I did so by running strings "C:\Program Files (x86)\GnuPG\bin\dirmngr.exe" | grep TLS which returned "This is NTBTLS 0.2.0 - Not Too Bad TLS" among other strings. I also grepped for some debug strings introduced in newer commits to verify that the NTBTLS version used is not the current HEAD of master, but at least some commit before 64f895dba734802662cbb81b64cd0b4af198ee71. I will just assume it is the actual 0.2.0 release for now.

Feb 23 2022, 9:33 PM · gnupg (gpg22), dirmngr

Feb 21 2022

TheParanoidProgrammer added a comment to T5639: dirmngr uses the wrong Let's encrypt chain.

Alright, in the hope it helps to pin this down, trying to sum up what I tried during and after my conversation with @bernhard so far:

  • Windows 10 keeps both the old and new root CA in the store and manual edits to the root certificate store are undone by the OS sooner or later
  • ignoring the intermediate certificate with dirmngr --ignore-cert 48504E974C0DAC5B5CD476C8202274B24C8C7172 fixes the problem as a workaround, but is not a satisfying solution
  • I cloned the repository and took a look at the original patch; while it seems that we only check validity of certificates without considering the expiration date, the patch does fix the original bug which I confirmed by compiling gpg from source at the commit containing the patch and another version at the commit prior to the patch. That is, the patch successfully fixes this on my Ubuntu machine. On my Windows 10 machine the bug persists no matter if using a self-compiled version from those commits or the official versions from gpg4win.
  • During exploring the source code and finding out how to compile and test from source I found out that I can reproduce the bug on Ubuntu if I compile gpg with the patch applied, but with a GnuTLS version that does not have their patch for this issue. Since this is the case with the default GnuTLS dev sources in Ubuntu 20.04., I had to get GnuTLS library from the project itself in order to successfully compile gpg for Ubuntu. For Windows the problem persists, however. I did not find GnuTLS or any other TLS library in the application directory of the GPG install on Windows nor in the installer itself. So I'm wondering if the remaining issue on Windows is actually with the used TLS library there. Does gpg4win ship a TLS library with gpg or does it use a system default?
  • The fixed version of GnuTLS is 3.6.14 for the project itself, there are backports of this patch for Ubuntu Xenial and Bionic, unfortunately not for Focal yet.
Feb 21 2022, 10:05 PM · gnupg (gpg22), dirmngr