Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign releases with something stronger than SHA1 #218

Open
g2p opened this issue Feb 1, 2023 · 2 comments
Open

Sign releases with something stronger than SHA1 #218

g2p opened this issue Feb 1, 2023 · 2 comments

Comments

@g2p
Copy link

g2p commented Feb 1, 2023

SHA1 is now rejected by sequoia and rustup

See https://www.reddit.com/r/rust/comments/10qlf1q/nightly_dc1d9d50f_20230131_signature_verification/ and rust-lang/rustup#3185

Steps to reproduce the issue:

cargo install sequoia-sqv
curl -O https://github.com/rust-lang/rustup/blob/master/src/rust-key.pgp.ascii
curl -O https://static.rust-lang.org/dist/channel-rust-nightly.toml
curl -O https://static.rust-lang.org/dist/channel-rust-nightly.toml.asc
sqv --keyring rust-key.pgp.ascii channel-rust-nightly.toml{.asc,}
Signing key on 108F66205EAEB0AAA8DD5E1C85AB96E6FA1BE5FE is not bound:
           No binding signature at time 2023-02-01T00:44:45Z
  because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance
  because: SHA1 is not considered secure since 2023-02-01T00:00:00Z

To fix: switch to a stronger digest
Not sure where gpg is called exactly, somewhere in one of the promote-release scripts?

@g2p
Copy link
Author

g2p commented Feb 1, 2023

I think the issue is with the Rust release key itself, which uses SHA-1 digests:

gpg --list-packets --verbose < src/rust-key.pgp.ascii |grep digest.algo

algo 2 is SHA-1: https://datatracker.ietf.org/doc/html/rfc4880#section-9.4

Should switch to algo 8, 9 or 10 (SHA-256, SHA-384 OR SHA-512).

The signature itself uses SHA-512:

gpg --list-packets --verbose < channel-rust-nightly.toml.asc |grep digest.algo
digest algo 10, begin of digest 19 b5

https://davesteele.github.io/gpg/2014/09/20/anatomy-of-a-gpg-key/

@g2p
Copy link
Author

g2p commented Feb 1, 2023

Apparently it is possible to update the digest algorithms without changing the key-id:

https://gitlab.com/sequoia-pgp/keyring-linter

Although it might be good to consider key rotation support later, to future-proof against any other issues the key might have.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant