[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Strange gpg key shadowing

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Strange gpg key shadowing
From: Georgi Guninski <guninski@xxxxxxxxxxxx>
Date: Thu, 14 Jun 2012 12:18:26 +0300

While wasting my time with apt-key noticed strange behaviour with
colliding subkeys.

Out of paranoia ubuntu disallows importing certain trusted keyids.
This is trivial to circumvent by making a collision with subkey.

Attached is a key with subkey keyid colliding with 
Ubuntu Archive Master Signing Key <ftpmaster@xxxxxxxxxx>.

By emulating apt-key netupdate, noticed that the order of the keyrings
is important. If the master keyring is first, the colliding key with
correct signature fails validation (probably because the other key is used).
If the colliding keyring is first, everything is ok (modulo reporting wrong
signer).

Probably this may lead to gpg abuse.

colliding first:

$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring 
/etc/apt/secring.gpg --keyring /tmp/sec1 --keyring 
/usr/share/keyrings/ubuntu-master-keyring.gpg  --check-sigs
/tmp/sec1
---------
pub   1024R/76A4410F 2012-06-13
uid                  fuck31 (f) <f@f>
sig!3        76A4410F 2012-06-13  fuck31 (f) <f@f>
sig!         3F272F5B 2012-06-13  fuck31 (f) <f@f>
sig!         3F272F5B 2012-06-13  fuck31 (f) <f@f>
sub   1024R/2376C859 2012-06-13
sig!         76A4410F 2012-06-13  fuck31 (f) <f@f>
sub   2180R/3F272F5B 2012-06-13
sig!         76A4410F 2012-06-13  fuck31 (f) <f@f>

/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub   4096R/3F272F5B 2007-11-09
uid                  Ubuntu Archive Master Signing Key <ftpmaster@xxxxxxxxxx>
sig!3        3F272F5B 2007-11-09  fuck31 (f) <f@f> #wrong

1 signature not checked due to a missing key


master first:

$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring 
/etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg  
--keyring /tmp/sec1  --check-sigs
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub   4096R/3F272F5B 2007-11-09
uid                  Ubuntu Archive Master Signing Key <ftpmaster@xxxxxxxxxx>
sig!3        3F272F5B 2007-11-09  Ubuntu Archive Master Signing Key 
<ftpmaster@xxxxxxxxxx>

/tmp/sec1
---------
pub   1024R/76A4410F 2012-06-13
uid                  fuck31 (f) <f@f>
sig!3        76A4410F 2012-06-13  [User ID not found]
sig-         3F272F5B 2012-06-13  Ubuntu Archive Master Signing Key 
<ftpmaster@xxxxxxxxxx> # wrong, signer is a subkey of f@f
sig-         3F272F5B 2012-06-13  Ubuntu Archive Master Signing Key 
<ftpmaster@xxxxxxxxxx> # wrong, signer is a subkey of f@f.
sub   1024R/2376C859 2012-06-13
sig!         76A4410F 2012-06-13  [User ID not found]
sub   2180R/3F272F5B 2012-06-13
sig!         76A4410F 2012-06-13  [User ID not found]

2 bad signatures
1 signature not checked due to a missing key

Attachment: sec1
Description: Binary data

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] VMSA-2012-0011 VMware hosted products and ESXi and ESX patches address security issues
Next by Date: [Full-disclosure] [CAL-2012-0015] opera website spoof
Previous by thread: [Full-disclosure] VMSA-2012-0011 VMware hosted products and ESXi and ESX patches address security issues
Next by thread: [Full-disclosure] [CAL-2012-0015] opera website spoof
Index(es):
- Date
- Thread