verification of OpenPGP signed presence stanza is failing
Bug description
The signed presence stanza (xep-0027) can use multiple hash algorithms, because OpenPGP supports multiple hash algorithms. But Gajim supports only single hash algorithm for signed presence stanza, SHA-1 . this is hardcodded in src/common/gpg.py
It's already recommended for users to migrate from SHA-1 to SHA-2 hash algorithm. http://www.debian-administration.org/users/dkg/weblog/48 http://csrc.nist.gov/groups/ST/hash/statement.html http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
Steps to reproduce
Try to send signed presence stanza with OpenPGP key which uses different hash algorithm, for example SHA2-256. The verification of signed presence will fail.
Fix
Because signed presence stanza doesn't transfer the hash algorithm, try all OpenPGP hash algorithms except for MD5.
diff -r 2a0673b623a6 src/common/gpg.py
--- a/src/common/gpg.py Mon Nov 18 22:51:56 2013 +0400
+++ b/src/common/gpg.py Fri Nov 22 23:14:30 2013 +0100
@@ -80,14 +80,21 @@
def verify(self, str_, sign):
if str_ is None:
return ''
- data = '-----BEGIN PGP SIGNED MESSAGE-----' + os.linesep
- data = data + 'Hash: SHA1' + os.linesep + os.linesep
- data = data + str_ + os.linesep
- data = data + self._addHeaderFooter(sign, 'SIGNATURE')
- result = super(GnuPG, self).verify(data)
+ # Hash algorithm is not transfered in the signed presence stanza so try
+ # all algorithms. Text name for hash algorithms from RFC 4880 - section 9.4
+ hash_algorithms = ['SHA512', 'SHA384', 'SHA256', 'SHA224', 'SHA1', 'RIPEMD160']
+ for algo in hash_algorithms:
+ data = os.linesep.join(
+ ['-----BEGIN PGP SIGNED MESSAGE-----',
+ 'Hash: ' + algo,
+ '',
+ str_,
+ self._addHeaderFooter(sign, 'SIGNATURE')]
+ )
+ result = super(GnuPG, self).verify(data)
+ if result.valid:
+ return result.key_id
- if result.valid:
- return result.key_id
return ''
def get_keys(self, secret=False):