Version: 1.9.3 (using KDE KDE 3.5.3) Installed from: Ubuntu Packages I have used RIPEMD160 hashed signatures for a while now. Apparently, after I have migrated to KMail, these do not always work in other clients. It would appear that the reason for this is that KMail sets the header that describes the signature to be something different then what the signature actually is using, by way of assumption. My messages are going out with: Content-Type: multipart/signed; boundary="nextPart8781268.2g4feAcxuP"; protocol="application/pgp-signature"; micalg=pgp-sha1 It should be going out with the header line "micalg" reading a value of "pgp-ripemd160". The preferences for my signature type are listed in the GnuPG configuration file: digest-algo RIPEMD160 KMail does not seem to have a way to change its perception of what digest hashing algorithm to use, either. I think this would be considered an integration issue with GnuPG. When the message is opened in another client (say, Thunderbird with EnigMail) the client becomes confused (specifically, GnuPG becomes confused). The error received from EnigMail is: ==== Unverified Signature gpg command line and output: M:\\Portable Applications\\PortableThunderbird\\gpg\\gpg.exe --charset utf8 --batch --no-tty --status-fd 2 --verify gpg: Signature made 06/06/06 19:24:09 using DSA key ID 19C59A30 gpg: WARNING: signature digest conflict in message gpg: Can't check signature: general error ==== I am not able to replicate the result directly because I am not exactly sure how OpenPGP data is supposed to be fed to GnuPG for verification. The person who received this message sent me a message back, so that I was able to see what her headers looked like, and her header describing the signature would appear to be correct: Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="------------enig8D90E73118009A487A1FAFF6" More attached data to come.
Created attachment 16513 [details] RIPEMD160 signed message, OpenPGP/MIME, from Thunderbird/Enigmail This message is signed with OpenPGP/MIME, using Thunderbird and Enigmail as the front-end to GnuPG. The Content-Type header contains the right information about the message digest algorithm.
Created attachment 16514 [details] KMail message, OpenPGP/MIME, RIPEMD160 This message has an incorrect header. (KMail, however, says that it is okay. Appears that KMail ignores the header?)
Created attachment 16515 [details] Error Output from Thunderbird on my KMail message This error is a result of viewing the message that is in attachment 16514 [details], which appears to have the header set to the wrong digest hash algorithm (SHA1, when it should be RIPEMD160).
Should any more data be required, please do not hesitate to let me know!
Confirming this problem with KMail (I'm currently using version 4.1.4) I'm having the same issues but with SHA-256 instead of RIPEMD160 (dupe from http://forum.kde.org/kmail-openpgp-mime-hash-in-micalg-is-wrong-t-27682.html ) Sending a mail with thunderbird gives a header such as this: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig6C27345EB16199DD8B1DCF31" Sending a mail with KMail gives this header instead, but same key is used: Content-Type: multipart/signed; boundary="nextPart3110028.RrybVz1ln4"; protocol="application/pgp-signature"; micalg=pgp-sha1 Please note that this only applies to OpenPGP/MIME and not OpenPGP/inline as that works just fine.
*** This bug has been confirmed by popular vote. ***
I can confirm that KMail inappropriately generates "micalg=pgp-sha1" even when actually using a different digest algorithm to sign the message (here: SHA-512 or SHA-256). Given that by now, SHA-1 has been seriously compromised, using SHA-1 simply isn't an acceptable alternative anymore. What will it take to get this fixed in KMail?
adding Marc to the CC on this. Maybe he knows more about it.
Again, what will it take to get this fixed in KMail? Who is most well versed in the mechanics involved? Can we pay that someone to have this fixed?
Any updates on this? From my understanding this can lead to the recipient's client complaining about an invalid signature, even if the sender using KMail did not change anything in his GnuPG configuration, because: 1) There are clients which complain when the declared hash algorithm does not match the hash algorithm that has been used. If I remember correctly I encountered this problem with Sylpheed (and this is how I got aware of this bug in the first place). 2) If a mail is both, encrypted and signed, GnuPG by default should use the hash algorithm that is preferred according to the recipient's key preferences. So if the recipient prefers SHA256 according to his key SHA256 should be used. However, KMail will still declare it as SHA1. With people moving away from SHA1, I think the priority of this bug should be increased.
Created attachment 39112 [details] Patch against kdepim 4.3.2 Retrieves the name of the signature hash algorithm from GpgME and places it in the micalg parameter of the Content-Type header for both PGP and S/MIME.
SVN commit 1065228 by tmcguire: Specify the correct algorithm which was used for creating the hash of the signature. Thanks to Michael Gorven for the patch! CCBUG: 128784 M +8 -2 messagecomposer.cpp M +4 -0 messagecomposer.h WebSVN link: http://websvn.kde.org/?view=rev&revision=1065228
SVN commit 1065232 by tmcguire: Backport r1065228 by tmcguire from trunk to the 4.3 branch: Specify the correct algorithm which was used for creating the hash of the signature. Thanks to Michael Gorven for the patch! BUG: 128784 M +8 -2 messagecomposer.cpp M +4 -0 messagecomposer.h WebSVN link: http://websvn.kde.org/?view=rev&revision=1065232
Thanks Michael for the patch, it will be in KDE 4.3.5 and KDE 4.4.0. If you have further patches, please use Reviewboard, see http://techbase.kde.org/Contribute/Send_Patches. It's easy to miss patches here on bugzilla, good thing I saw this one :)
*** Bug 218721 has been marked as a duplicate of this bug. ***