While wasting my time with apt-key noticed strange behaviour with colliding subkeys.
Out of paranoia ubuntu disallows importing certain trusted keyids. This is trivial to circumvent by making a collision with subkey. Attached is a key with subkey keyid colliding with Ubuntu Archive Master Signing Key <[email protected]>. By emulating apt-key netupdate, noticed that the order of the keyrings is important. If the master keyring is first, the colliding key with correct signature fails validation (probably because the other key is used). If the colliding keyring is first, everything is ok (modulo reporting wrong signer). Probably this may lead to gpg abuse. colliding first: $gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /tmp/sec1 --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --check-sigs /tmp/sec1 --------- pub 1024R/76A4410F 2012-06-13 uid fuck31 (f) <f@f> sig!3 76A4410F 2012-06-13 fuck31 (f) <f@f> sig! 3F272F5B 2012-06-13 fuck31 (f) <f@f> sig! 3F272F5B 2012-06-13 fuck31 (f) <f@f> sub 1024R/2376C859 2012-06-13 sig! 76A4410F 2012-06-13 fuck31 (f) <f@f> sub 2180R/3F272F5B 2012-06-13 sig! 76A4410F 2012-06-13 fuck31 (f) <f@f> /usr/share/keyrings/ubuntu-master-keyring.gpg --------------------------------------------- pub 4096R/3F272F5B 2007-11-09 uid Ubuntu Archive Master Signing Key <[email protected]> sig!3 3F272F5B 2007-11-09 fuck31 (f) <f@f> #wrong 1 signature not checked due to a missing key master first: $gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --keyring /tmp/sec1 --check-sigs /usr/share/keyrings/ubuntu-master-keyring.gpg --------------------------------------------- pub 4096R/3F272F5B 2007-11-09 uid Ubuntu Archive Master Signing Key <[email protected]> sig!3 3F272F5B 2007-11-09 Ubuntu Archive Master Signing Key <[email protected]> /tmp/sec1 --------- pub 1024R/76A4410F 2012-06-13 uid fuck31 (f) <f@f> sig!3 76A4410F 2012-06-13 [User ID not found] sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <[email protected]> # wrong, signer is a subkey of f@f sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <[email protected]> # wrong, signer is a subkey of f@f. sub 1024R/2376C859 2012-06-13 sig! 76A4410F 2012-06-13 [User ID not found] sub 2180R/3F272F5B 2012-06-13 sig! 76A4410F 2012-06-13 [User ID not found] 2 bad signatures 1 signature not checked due to a missing key
sec1
Description: Binary data
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
