Ubuntu
gnupg-pkcs11-scd package

Invalid signatures produced using gnupg-pkcs11-scd

Bug #1577818 reported by Moritz Bechler
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnupg-pkcs11-scd (Ubuntu)
New
Undecided
Unassigned

Bug Description

After upgrading from wily to xenial (and at the same time having to move from gpg to gpg2) I can no longer produce signatures using gnupg-pkcs11-scd.

Debugging this I found that the algorithm prefix is now included twice in the signed data, making the signature self-test fail.

Here we have the data to sign, including the algorithm prefix (3031300D0609608648016503004020):

2016-05-03 16:33:56 gpg-agent[18007] DBG: chan_6 -> SETDATA 3031300D0609608648016503040201050004207B1F9A47922DEDFA9E7A430B4191A1ED2474BE21A
48B8BCA9FE278DD586882C2
2016-05-03 16:33:56 gpg-agent[18007] DBG: chan_6 <- OK

Calling PKSIGN with the hash argument will cause gnupg-pkcs11-scd to add another copy of the algorithm prefix:
2016-05-03 16:33:56 gpg-agent[18007] DBG: chan_6 -> PKSIGN --hash=sha256 SafeNet\x20Inc\x2E/eToken/0020f8ec/mb/01

The signed data, showing the duplicated algorithm prefix under rsa_verify cmp is attached.

Not sure how a backward-compatible fix would look like (probably would have to check whether this prefix is already present), but forcing inject = INJECT_NONE in cmd_pksign seems to fix the issue for me.

Moritz

Revision history for this message
Moritz Bechler (bechler) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.