Mailing List Archive

SHA2 digest, V2 smartcard and gpg-agent problem
Hi!

I've tried to use the SHA256 digest for signing with an OpenPGP V2 smartcard and got
the following error:

gpg: checking created signature failed: bad signature
gpg: signing failed: bad signature
gpg: signing failed: bad signature

It happens only if gpg uses gpg-agent, which is configured to use scdaemon for
accessing smartcards.

If I disable gpg-agent usage (--no-use-agent switch) and enter the card PIN code
in the console, then signing with SHA256 works perfectly. With gpg-agent
enabled, only SHA1 and RIPEMD160 can be used. It looks like an issue in
gpg-agent or scdaemon.

The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.

Thanks,

Stanislav

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: SHA2 digest, V2 smartcard and gpg-agent problem [ In reply to ]
I've detected the same problem.

If I disable the gpg-agent and use gnupg v1 instead, gnupg is able to connect
to the pcsc daemon and use sha256 (and above) digests. If gnupg uses the agent,
every attempt to do sha256 signing (--digest-algo sha256) fails.

So this is most likely an issue of gpg-agent.

On Saturday 01 May 2010 22:52:15 Stanislav Sidorenko wrote:
> Hi!
>
> I've tried to use the SHA256 digest for signing with an OpenPGP V2 smartcard and
> got the following error:
>
> gpg: checking created signature failed: bad signature
> gpg: signing failed: bad signature
> gpg: signing failed: bad signature
>
> It happens only if gpg uses gpg-agent, which is configured to use scdaemon
> for accessing smartcards.
>
> If I disable gpg-agent usage (--no-use-agent switch) and enter the card PIN
> code in the console, then signing with SHA256 works perfectly. With
> gpg-agent enabled, only SHA1 and RIPEMD160 can be used. It looks like an
> issue in gpg-agent or scdaemon.
>
> The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.
>
> Thanks,
>
> Stanislav
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: SHA2 digest, V2 smartcard and gpg-agent problem [ In reply to ]
On 05/01/2010 04:52 PM, Stanislav Sidorenko wrote:
> Hi!
>
> I've tried to use the SHA256 digest for signing with an OpenPGP V2 smartcard and got
> the following error:
>
> gpg: checking created signature failed: bad signature
> gpg: signing failed: bad signature
> gpg: signing failed: bad signature
>
> It happens only if gpg uses gpg-agent, which is configured to use scdaemon for
> accessing smartcards.
>
> If I disable gpg-agent usage (--no-use-agent switch) and enter the card PIN code
> in the console, then signing with SHA256 works perfectly. With gpg-agent
> enabled, only SHA1 and RIPEMD160 can be used. It looks like an issue in
> gpg-agent or scdaemon.
>
> The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.
>
> Thanks,
>
> Stanislav
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

Interesting, indeed. I unfortunately had to change my prefs when I got
my openpgp v2 card since I was using gpg2 and the agent is required. So
is this currently just an issue with gpg-agent? If I'm reading section
7.2.8.1 [Hash Algorithms] in the OpenPGP smart application PDF correctly
it seems only OpenPGP cards <2.0 are limited to SHA1 & RIPEMD-160.

"The following hash algorithms are supported by RFC 4880 and can be used
as input in the DSI. However the card may not check the integrity of a
DSI. Cards with Version < 2.0 support RIPEMD-160 and SHA-1 only and may
check it, so other hash algorithms cannot be used."

Or is this saying >=2.0 OpenPGP cards can generate SHA2 hashes but
cannot verify them?

--
__________________________________
Chris Ruff
email: jcruff@gmail.com
gpg key: 0x0621F585
gpg fgpr: E3C4 0E2E AD99 59A2 E4D0
DC1B FD21 25BC 0621 F585
Re: SHA2 digest, V2 smartcard and gpg-agent problem [ In reply to ]
> Or is this saying >=2.0 OpenPGP cards can generate SHA2 hashes but
> cannot verify them?
Cards are not used to verify signatures. In my case GPG checks a signature
generated by the card and fails because the signature is invalid.

But it seems I've already found the issue, it is not in gpg-agent, but in gpg
itself.

file cardglue.c, lines 1324-1328:

init_membuf (&data, 1024);
snprintf (line, DIM(line)-1, "SCD PKSIGN %s%s",
hashalgo == GCRY_MD_RMD160? "--hash=rmd160 ": "",
serialno);
line[DIM(line)-1] = 0;

hashalgo is an int variable that contains the hash id. As far as I understood, this
code generates a request to scdaemon and forces the use of RIPEMD160 if hashalgo ==
GCRY_MD_RMD160, or the default hash (SHA1?) if hashalgo equals any other value.
I've made a quick&dirty fix that enables using SHA256 instead of RIPEMD160.
hashalgo == GCRY_MD_SHA256? "--hash=sha256 ": "",

Using my custom build I've successfully signed a message using SHA256. It is
not a problem to add all other hashes but I'm not sure about the impact of
such patch because I've just quickly checked the code :)

--
Stanislav
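
The cardglue.c snippet above and the spec paragraph Chris quotes both come down to the DigestInfo (DSI) that the card signs: the DER prefix in front of the digest names the hash algorithm, and gpg's post-signing self-check recomputes that encoding for the algorithm it actually used. The following is an added example, not code from GnuPG or from anyone on this thread. It is a Python model of the host / scdaemon / card split with a textbook RSA key standing in for the card key, and it reproduces the reported symptom. It assumes that scdaemon falls back to SHA-1 when the PKSIGN request carries no --hash option, it uses hash names as strings where cardglue.c uses libgcrypt integer ids, and the model card signs whatever DSI it is told to build without checking that the digest length fits (the spec excerpt says the card may not check the DSI). All key material and the message digested are constructed here.

```python
import functools
import hashlib
import math
import random

# DER-encoded DigestInfo (DSI) prefixes from RFC 4880 section 5.2.2.
DSI_PREFIX = {
    "rmd160": bytes.fromhex("3021300906052b2403020105000414"),
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}
# Assumption: scdaemon uses SHA-1 when PKSIGN carries no --hash option.
SCDAEMON_DEFAULT_HASH = "sha1"

_SMALL_PRIMES = [p for p in range(3, 2000, 2)
                 if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n, rng, rounds=32):
    """Trial division followed by Miller-Rabin; enough for a demo key."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand


@functools.lru_cache(maxsize=None)
def demo_keypair(bits=1024, e=65537):
    """Constructed textbook RSA key standing in for the card's signing key."""
    rng = random.Random(20100501)  # fixed seed: the same demo key every run
    while True:
        p, q = gen_prime(bits // 2, rng), gen_prime(bits // 2, rng)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (n, e), (n, pow(e, -1, phi))


def emsa_pkcs1_v15(hash_name, digest, k):
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DSI prefix || digest (RFC 3447 9.2)."""
    t = DSI_PREFIX[hash_name] + digest
    if k < len(t) + 11:
        raise ValueError("modulus too short for this DigestInfo")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def card_pksign(priv, digest, hash_name):
    """Card side: builds the DSI from the hash name scdaemon passes in and
    signs it. Per the spec excerpt, it does not check digest length vs name."""
    n, d = priv
    k = (n.bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15(hash_name, digest, k), "big")
    return pow(em, d, n).to_bytes(k, "big")


def host_pksign(priv, digest, hashalgo, patched=False):
    """gpg 1.4 cardglue.c side. Unpatched, only RIPEMD-160 is named in the
    PKSIGN request; any other algorithm reaches scdaemon as its default."""
    hash_opt = hashalgo if (hashalgo == "rmd160" or patched) else SCDAEMON_DEFAULT_HASH
    return card_pksign(priv, digest, hash_opt)


def gpg_check_signature(pub, sig, digest, hashalgo):
    """gpg's self-check: recover the EM with the public key and compare it
    with the encoding for the algorithm gpg itself used for the digest."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    expected = emsa_pkcs1_v15(hashalgo, digest, k)
    return pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") == expected


def sign_and_check(hashalgo, patched=False, digest=None):
    """End-to-end run; True when gpg would accept the signature it just made."""
    pub, priv = demo_keypair()
    if digest is None:
        digest = hashlib.new(hashalgo, b"constructed test message").digest()
    sig = host_pksign(priv, digest, hashalgo, patched)
    return gpg_check_signature(pub, sig, digest, hashalgo)


if __name__ == "__main__":
    for algo in ("sha1", "sha256", "sha512"):
        print(algo, "unpatched:", sign_and_check(algo),
              "patched:", sign_and_check(algo, patched=True))
```

Unpatched, sha256 and sha512 fail the self-check exactly as the report shows, because the card signed a SHA-1 DigestInfo wrapped around a 32- or 64-byte digest while gpg expected the SHA-2 one; sha1 and rmd160 pass because the name the card received matched. With the passthrough enabled for every algorithm (what the quick fix did for SHA256 and Werner's change does generally), all of them pass. The thing to take from the model is that the mismatch is a host-side algorithm identifier problem, not a V2 card limitation, which is consistent with the direct card path in the thread working fine.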
Re: SHA2 digest, V2 smartcard and gpg-agent problem [ In reply to ]
Stanislav Sidorenko <stanislav@sidorenko.biz> writes:

> I've made a quick&dirty fix that enables using SHA256 instead of RIPEMD160.
> hashalgo == GCRY_MD_SHA256? "--hash=sha256 ": "",
>

Okay. I just fixed that and gnupg 1 will now allow all hash
algorithms. Note that this change is only required if you use gpg 1
with gpg-agent. In general it is better to use gpg2 - we keep gpg
mainly for server operations and then it uses the integrated card stuff
- without scdaemon.


Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

