-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > [-] Fixed a bug of Beta/2 with S/MIME internal implementation. It didn't > check correctly the signatures.
> If I change the S/MIME engine to 'Microsoft CryptoAPI' all signed mails > are checked correctly. Be careful - CAPI may be checking the signatures incorrectly there - they might be bad (damaged in transit, perhaps? Malformed?). There's a known critical bug in MS CryptoAPI, which affects IE's SSL, Outlook (and OE's) S/MIME, and presumably The Bat!'s S/MIME if you choose to use that too - as well, I suppose, as Authenticode for automatic updates and ActiveX controls, but no-one's exploited either of those - yet. (OpenSSL had a similar bug - it was fixed more or less as soon as they were reported vulnerable.) CAPI doesn't check the basic restraints on certification keys, and will mistakenly verify as correct a signature where a normal, CA-certified server (or mail) key acts (outside of its constraints) as an intermediary CA. So, for example: [Issuer:VeriSign | Subject:VeriSign] - -[Issuer:VeriSign | Subject:[EMAIL PROTECTED]] - --[Issuer:[EMAIL PROTECTED] | Subject:Bill [EMAIL PROTECTED]] ...shows up as a valid signature chain. (You have to actually check the certificate chain very carefully on every message/SSL exchange to see the difference.) Yes, this allows practical man-in-the-middle attacks on SSL, and it breaks S/MIME too. I haven't actually tested whether The Bat! is vulnerable if using MS's CryptoAPI. I could probably do that if you like, but I'd guess it probably is. I also wouldn't be shocked if The Bat! uses OpenSSL for its implementation, and if the upgrade to that library ... in fact, yes, it does (checked with a hex editor and OpenSSL strings are clearly visible in 1.61). Assuming TB checks the basic constraints, it'll be okay. (In fact, that might be the bug talked about at the top of this message, that was fixed.) So, I'd avoid CryptoAPI for the time being, if I were you, I'd stick with TB's implementation...assuming you can get it to work of course. MS aren't taking the problem even remotely seriously, by the way, which is attracting a lot of fire on Bugtraq. Don't expect a fix until MS have stopped throwing a tantrum and the politics have died down. - -- /sjx. -----BEGIN PGP SIGNATURE----- iQA/AwUBPXZQrYrBVKGBkwKXEQIrzACfai0X3pPIzsvr5fyn8qXU2Q5/ksMAoO8H RxkfULzt06F5uoJa7iOuDUtb =Me91 -----END PGP SIGNATURE----- ________________________________________________ Current version is 1.61 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html
