Open VincentBentley opened 2 years ago
As I am not sure where the problem domain is, be it Wordpress plug-in, OpenPGP.php or Thunderbird, I have also posted in the following issues:
https://bugzilla.mozilla.org/show_bug.cgi?id=1749600
https://github.com/fabacab/wp-pgp-encrypted-emails/issues/42
The issue is in function OpenPGP_SignaturePacket::sign_data()
. It sets $this->hash_head
to the leftmost 2 bytes of the calculated signature material, while it must set it to the 2 leftmost bytes of the hash which is signed.
RFC 4880 first describes it in a way which may be misleading:
Two-octet field holding the left 16 bits of the signed hash value.
but afterwards it describes field in more details:
The resulting hash value is what is signed. The left 16 bits of the hash are included in the Signature packet to provide a quick test to reject some invalid signatures..
...given that hash is calculated somewhere inside of the phpseclib
, the fast but dirty solution would be to calculate hash again in sign_data()
.
Is Thunderbird implementing OpenPGP themselves? Because the keys can be imported by GnuPG without issue...
@singpolyma Thunderbird uses RNP library as OpenPGP backend: https://github.com/rnpgp/rnp/ (and I'm working on it). And it discards signatures with wrong leftmost bits of the signed hash. GnuPG probably is more relaxed on this check.
...btw, we are also working on bindings for the PHP module: https://github.com/rnpgp/php-rnp
I wanted to use a WordPress plug-in that makes use of this library but the keypairs it creates cannot be imported into Thunderbird 91.4.1 email client. Messages arrive signed but as it is impossible to import the sender's public key either automatically, from a file, or from the clipboard there is no guarantee that the sender is authentic which makes the plug-in useless. See this issue for the WordPress plug-in for more info. The plug-in's author has closed the issue but the problem is unresolved.
This may be relevant.