On 14/05/18 10:42, Robert J. Hansen wrote: > ... Yep, GnuPG will warn you the message was not integrity protected. > Your email client should see this warning and refuse to render the message.
I tried again using CAST5 instead of MD5 to bypass the smartcard bug.
The news is not good.
```
andrewg@fred:~$ gpg --recipient 0xFB73E21AF1163937 --cipher-algo CAST5
--disable-mdc --encrypt --sign --armor reply.txt
gpg: using "00CC54C6A0C601691AF4931FFB73E21AF1163937" as default secret
key for signing
File 'reply.txt.asc' exists. Overwrite? (y/N) y
andrewg@fred:~$ gpg reply.txt.asc
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: encrypted with 4096-bit RSA key, ID 0x6B09069314549D4B, created
2013-07-02
"Andrew Gallagher <[email protected]>"
File 'reply.txt' exists. Overwrite? (y/N)
Enter new filename: foo
gpg: Signature made Mon 14 May 2018 11:57:17 IST
gpg: using RSA key 291E79A1DC55AE27A52EEF835C1EC404D5906629
gpg: Good signature from "Andrew Gallagher <[email protected]>" [ultimate]
gpg: aka "Andrew Gallagher <[email protected]>" [ultimate]
gpg: aka "Andrew Gallagher <[email protected]>"
[ultimate]
gpg: aka "Andrew Gallagher
<[email protected]>" [ultimate]
gpg: aka "[jpeg image of size 18803]" [ultimate]
gpg: aka "Andrew Gallagher <[email protected]>"
[ultimate]
Primary key fingerprint: 00CC 54C6 A0C6 0169 1AF4 931F FB73 E21A F116 3937
Subkey fingerprint: 291E 79A1 DC55 AE27 A52E EF83 5C1E C404 D590 6629
gpg: WARNING: message was not integrity protected
```
So far so good - gnupg correctly throws a warning. But:
```
andrewg@fred:~$ cat reply.txt.asc | mailx [email protected] -s "test
message"
```
Now in Enigmail, I get a decrypted message with a green bar and no
warnings whatsoever:
```
Enigmail Security Info
Decrypted message
Good signature from Andrew Gallagher <[email protected]>
Key ID: 0xF1163937 / Signed on: 14/05/18, 11:57
Key fingerprint: 00CC 54C6 A0C6 0169 1AF4 931F FB73 E21A F116 3937
Used Algorithms: RSA and SHA512
Note: The message is encrypted for the following User ID's / Keys:
0x6B09069314549D4B (Andrew Gallagher <[email protected]>)
```
So it would appear that Enigmail IS VULNERABLE.
I have reproduced this on debian's 2:1.9.9-1~deb9u1 (v1.9.9) and 2.0.3
on Mac. By comparison, the default cipher (AES) correctly throws a
decryption error in enigmail using the same test systems.
--
Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
