GnuPG segfaults when encrypting mail to key with ed25519 / cv25519 subkeys

Bug #1778770 reported by Moritz Naumann on 2018-06-26
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnupg2 (Ubuntu)

Bug Description

Trying to encrypt an e-mail (suing a local RSA/RSA key pair) to a recipient who combines an RSA public key with RSA and ed25519 (both "usage: S", not expired) as well as a cv25519 (usage: E, not expired) subkey.

Just running gpg2 --edit-key with the recipients' key prints:
sub ed25519/[KEYID_REMOVED]
     created: [DATE_REMOVED] expires: [DATE_REMOVED] usage: S
gpg: error computing keygrip
gpg: error computing a keygrip: General error
sub cv25519/[KEYID_REMOVED]
     created: [DATE_REMOVED] expires: [DATE_REMOVED] usage: E

...but at least does not segfault, yet.


$ /usr/bin/gpg2 --charset utf-8 --display-charset utf-8 --batch --no-tty --no-verbose --status-fd 2 --digest-algo sha512 -a -t --encrypt --sign --trust-model always --encrypt-to MY_RSA_KEY -r RECIPIENTS_KEY -u MY_RSA_KEY

also reports:

gpg: error computing keygrip
gpg: error computing a keygrip: General error

and finally segfaults, reproducibly.


Program received signal SIGABRT, Aborted.
0x00007ffff69f5428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 0x00007ffff69f5428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007ffff69f702a in __GI_abort () at abort.c:89
#2 0x00005555555e68be in do_logv (level=level@entry=6, ignore_arg_ptr=ignore_arg_ptr@entry=0, fmt=fmt@entry=0x5555556171f8 "pop_filter(): filter function not found\n", arg_ptr=arg_ptr@entry=0x7fffffffbde0)
    at logging.c:737
#3 0x00005555555e77e3 in log_bug (fmt=fmt@entry=0x5555556171f8 "pop_filter(): filter function not found\n") at logging.c:825
#4 0x00005555555f06ee in pop_filter (a=a@entry=0x555555859cb0, f=f@entry=0x5555555f1ce0 <block_filter>, ov=0x0) at iobuf.c:1719
#5 0x00005555555f2b8d in iobuf_set_partial_block_mode (a=a@entry=0x555555859cb0, len=len@entry=0) at iobuf.c:2534
#6 0x000055555556a93c in do_plaintext (out=out@entry=0x555555859cb0, ctb=ctb@entry=203, pt=pt@entry=0x555555866280) at build-packet.c:554
#7 0x000055555556aded in build_packet (out=out@entry=0x555555859cb0, pkt=pkt@entry=0x7fffffffc3c0) at build-packet.c:127
#8 0x000055555559f40c in write_plaintext_packet (out=0x555555859cb0, inp=inp@entry=0x555555996ea0, fname=fname@entry=0x0, ptmode=116) at sign.c:614
#9 0x00005555555a0bd0 in sign_file (ctrl=<optimized out>, filenames=<optimized out>, detached=0, locusr=<optimized out>, encryptflag=1, remusr=<optimized out>, outfile=0x0) at sign.c:1021
#10 0x0000555555566c47 in main (argc=0, argv=0x7fffffffdcc0) at gpg.c:3886

This is GnuPG 2.1.11-6ubuntu2.1 with libgcrypt20 1.6.5-2ubuntu0.5 (standard package versions, fully updated) on 16.04.4 amd64.

I guess lack of support for such keys in 16.04 could be acceptable, but it should not just fail so miserably.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: gnupg2 2.1.11-6ubuntu2.1
ProcVersionSignature: Ubuntu 4.15.0-23.25~16.04.1-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
Date: Tue Jun 26 19:12:31 2018
InstallationDate: Installed on 2017-04-29 (422 days ago)
InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8)
 PATH=(custom, no user)
SourcePackage: gnupg2
UpgradeStatus: No upgrade log present (probably fresh install)

Moritz Naumann (mnaumann) wrote :
dkg (dkg0) wrote :

note that Dependencies.txt says that libgcrypt20 is 1.6.5-2ubuntu0.5.

Curve25519 was added to libgcrypt20 in version 1.7.0.

Rubén Rodríguez (ruben-gnu) wrote :

I can confirm that backporting libgcrypt20 version 1.7.8-2ubuntu1.1 from artful-security fixes this problem. It requires backporting libgpg-error 1.27-3 from artful as a build-dep, to provide libgpg-error-mingw-w64-dev.

Moritz Naumann (mnaumann) wrote :

Affects multiple users (as per the comments).

Changed in gnupg2 (Ubuntu):
status: New → Confirmed
Moritz Naumann (mnaumann) wrote :

Related: #1677903, #1772457

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers