-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Public keys, with signatures from unknown keys, are treated as invalid keys #1001
Comments
To check the unknown signature is really causing the issue, I have used gnupg to edit Alice's key, removed Bob's signature, and imported this reduced key into RNP. This fixed the issue, sending the encrypted message to Alice was successful. |
@kaie thanks for noticing it. Within current logic signature from unknown key is considered as invalid, so the whole key is marked as invalid. And it seems to be too strict. Actually improving key trust settings is also part of the ongoing work. |
This patch allows me to use my usual keys.
edit: removed a leftover from a previous patch |
Sorry for the delay. It's on my TODO list, I'll test this in the next few days. |
@kaie No problem. Also you are welcome to check revocation signature export, as it was implemented in PR #1066 and merged. |
I confirm I can successfully encrypt to keys that contain unknown signatures, as an example I used my own key 25007724, without importing any of the keys that signed it. Regarding your question on revocation, I don't have the answer, I need to get back to you, let's involve also Patrick Brunschwig. |
(Tested with yesterday's tip) |
@ni4 I've been able to use new API rnp_key_export_revocation and it works for me. |
@kaie Great, thanks for letting us know. |
Alice's public key was signed by Bob.
Alice sends her key to Carol.
Carol uses OpenPGP software based on RNP.
Carol imports Alice's key, but doesn't have Bob's key.
Carol attempts to send an encrypted message to Alice.
Actual behavior:
Sending the encrypted message fails.
RNP reports that Alice's key is invalid.
[signature_check() /home/user/github/rnp/src/librepgp/stream-sig.cpp:1099] invalid or untrusted key
[validate_pgp_key_signature() /home/user/github/rnp/src/librepgp/stream-key.cpp:1571] bad signature
(line numbers are based on revision 369a687)
Expected behavior:
Carol should be able to send an encrypted message to Alice, even if Carol doesn't have Bob's key.
The text was updated successfully, but these errors were encountered: