Date: Sat, 28 Feb 2015 18:23:17 +0100
From: Simon Nicolussi <sinic@sinic.name>
To: andre76@fastmail.fm
Message-ID: <20150228172317.GA10044@blues.local.sinic.name>
Mail-Followup-To: andre76@fastmail.fm, tor-talk@lists.torproject.org
References: <1424955764.2354591.232742237.2CF4B4C5@webmail.messagingengine.com>
 <20150226165538.GA24850@blues.local.sinic.name>
 <1425041044.54292.233221517.5204784B@webmail.messagingengine.com>
 <20150227132458.GE2262@mars-attacks.org>
 <1425130079.1646121.233614441.35E2D594@webmail.messagingengine.com>
MIME-Version: 1.0
In-Reply-To: <1425130079.1646121.233614441.35E2D594@webmail.messagingengine.com>
Cc: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============4889336519955244921=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


--===============4889336519955244921==
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="vqH4NJnLjcTi6fE3"
Content-Disposition: inline


--vqH4NJnLjcTi6fE3
Content-Type: multipart/mixed; boundary="Lhc3Z8HNH87hA+pb"
Content-Disposition: inline


--Lhc3Z8HNH87hA+pb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

andre76@fastmail.fm wrote:
> I have no idea what all of this means but when I see something that says
> "BAD signature" that tells me something is wrong.

Yes, the .asc file that Nicolas was talking about is the one an attacker
would distribute alongside a manipulated .tar.xz file. Your .asc file is
fine, so GnuPG sounds the alarm if someone messed with the archive.

An attacker, however, could easily fool GnuPG with a file inline-signed
by the Tor Browser Developers. Using, e.g., sha256sums.incrementals.txt
and the respective detached signature sha256sums.incrementals.txt.asc
(both available at https://dist.torproject.org/torbrowser/4.0.4/), an
attacker first creates a signed file with an arbitrary key:
> $ gpg2 --digest-algo SHA1 --compress-algo uncompressed       \
> >      --set-filename tor-browser-linux32-4.0.4_en-US.tar.xz \
> >      --output fake.asc --sign sha256sums.incrementals.txt

The newly created signature packet gets thrown away:
> $ eval $(gpg2 --list-packets fake.asc | grep ^# | grep " tag=2 " \
> >                                     | grep -o " off=[[:digit:]]* ")
> $ dd if=fake.asc of=tor-browser-linux32-4.0.4_en-US.tar.xz.asc \
> > bs=1 count=$off

And the signature of the Tor Browser Developers takes its place:
> $ gpg2 --output - --dearmor sha256sums.incrementals.txt.asc \
>        >> tor-browser-linux32-4.0.4_en-US.tar.xz.asc

GnuPG now won't even take a look at the .tar.xz archive when called with
that .asc file as its only argument, but still reports a good signature.
I've attached the file for you to try it out.

> What must be done to fix this?

Specify both the detached signature and the archive you want to verify.

-- 
Simon Nicolussi <sinic@sinic.name>
http{s,}://{www.,}sinic.name/
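
The following is an added example, not part of Simon's message and not
GnuPG's own code: a small Python audit that parses the OpenPGP packet
headers of an .asc file (binary or ASCII-armored) and reports whether it
is a pure detached signature, i.e. contains nothing but signature packets
(tag 2). A file spliced as described above instead begins with a one-pass
signature packet (tag 4) and a literal data packet (tag 11) carrying the
chosen filename, which is the same information `gpg2 --list-packets`
prints. The sample packet streams are constructed: the key id is zeros,
zeros stand in for the real signature bytes, and only the old-format
header layout of the attached file is reproduced. The armor CRC line is
skipped rather than checked and partial body lengths are not supported.
This is a pre-check on the .asc file only; the verification itself is
still `gpg2 --verify` with both the signature and the archive named.

```python
import base64
import sys

TAG_NAMES = {2: "signature", 4: "one-pass signature", 11: "literal data"}  # RFC 4880 4.3
HASH_NAMES = {1: "MD5", 2: "SHA1", 8: "SHA256", 9: "SHA384", 10: "SHA512"}  # RFC 4880 9.4

def dearmor(data):
    """Binary packet stream from a binary or armored file (CRC line skipped, not checked)."""
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    lines = iter(data.decode("ascii", "replace").splitlines())
    for line in lines:                          # skip to the BEGIN line
        if line.startswith("-----BEGIN PGP"):
            break
    for line in lines:                          # skip armor headers ("Version:", ...)
        if line.strip() == "":
            break
    b64 = []
    for line in lines:                          # body ends at the "=CRC" or END line
        if line.startswith("=") or line.startswith("-----END PGP"):
            break
        b64.append(line.strip())
    return base64.b64decode("".join(b64))

def iter_packets(stream):
    """Yield (tag, body) per packet; old- and new-format headers per RFC 4880 4.2."""
    pos, end = 0, len(stream)
    while pos < end:
        ctb = stream[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("byte %d is not a packet header" % (pos - 1))
        if ctb & 0x40:                          # new format: 6-bit tag, variable length
            tag, first = ctb & 0x3F, stream[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length, pos = ((first - 192) << 8) + stream[pos] + 192, pos + 1
            elif first == 255:
                length, pos = int.from_bytes(stream[pos:pos + 4], "big"), pos + 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                                   # old format: 4-bit tag, 2-bit length type
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:                      # indeterminate: packet runs to end of stream
                length = end - pos
            else:
                size = (1, 2, 4)[ltype]
                length, pos = int.from_bytes(stream[pos:pos + size], "big"), pos + size
        body = stream[pos:pos + length]
        if len(body) != length:
            raise ValueError("truncated packet at byte %d" % pos)
        pos += length
        yield tag, body

def literal_filename(body):
    """Literal data packet body: format byte, name length, name, date, contents."""
    return body[2:2 + body[1]].decode("utf-8", "replace")

def audit_detached_signature(data):
    """(ok, findings): ok only if every packet in the file is a signature packet."""
    findings, tags = [], []
    for tag, body in iter_packets(dearmor(data)):
        tags.append(tag)
        if tag == 11:
            findings.append("literal data packet embedding a file named %r (%d bytes)"
                            % (literal_filename(body), len(body)))
        elif tag == 4:
            findings.append("one-pass signature packet, hash algorithm %s"
                            % HASH_NAMES.get(body[2], "id %d" % body[2]))
        elif tag != 2:
            findings.append("unexpected %s packet" % TAG_NAMES.get(tag, "tag %d" % tag))
    return bool(tags) and all(t == 2 for t in tags), findings

# Constructed sample data (not the attachment from the message above).
def _packet(tag, body):
    """Old-format packet with a 1- or 2-byte length, like the headers in the attached file."""
    if len(body) < 256:
        return bytes([0x80 | (tag << 2), len(body)]) + body
    return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body

ARCHIVE_NAME = b"tor-browser-linux32-4.0.4_en-US.tar.xz"
PLACEHOLDER_KEY_ID = bytes(8)                   # constructed, not a real key id
# Spliced layout: one-pass packet (v3, SHA1, RSA), literal data carrying the
# chosen filename, then a signature packet (zeros stand in for the real bytes).
SPLICED_ASC = (
    _packet(4, bytes([3, 0, 2, 1]) + PLACEHOLDER_KEY_ID + bytes([1]))
    + _packet(11, b"b" + bytes([len(ARCHIVE_NAME)]) + ARCHIVE_NAME + bytes(4)
              + b"<sha256sums lines would follow here>\n")
    + _packet(2, bytes(540))
)
PURE_DETACHED_ASC = _packet(2, bytes(540))      # a genuine detached signature: one packet

if __name__ == "__main__":
    # Usage: python audit_asc.py file.asc   (no argument: audit the constructed sample)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SPLICED_ASC
    ok, findings = audit_detached_signature(data)
    print("detached signature only" if ok else "NOT a pure detached signature:")
    for finding in findings:
        print("  -", finding)
```

Run against a downloaded .asc before verifying: any literal data or
one-pass packet in a file that is supposed to be a detached signature is
a reason to discard it, and a clean result still has to be followed by
`gpg2 --verify tor-browser-linux32-4.0.4_en-US.tar.xz.asc tor-browser-linux32-4.0.4_en-US.tar.xz`.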

--Lhc3Z8HNH87hA+pb
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="tor-browser-linux32-4.0.4_en-US.tar.xz.asc"
Content-Transfer-Encoding: quoted-printable

=90=0D=03=00=02=01E=B7=A0=EC=BEs=B6=80=01=AD=1B=8Cb&tor-browser-linux32-4.0=
=2E4_en-US.tar.xzT=F1=F981d555327f1069bfa37a7650de170b2ac54d3cab46fb08a9335=
2e286d7f231cfb  tor-browser-linux32-4.0.3-4.0.4_ar.incremental.mar
ff45e0930b73ab90eec8a19dfd00858de79244f5542e681e865e4f2b23aae53d  tor-brows=
er-linux32-4.0.3-4.0.4_de.incremental.mar
085942ea4a5712dd89ee0052a9dfda5fab82629daa84dd155cae55fc79983909  tor-brows=
er-linux32-4.0.3-4.0.4_en-US.incremental.mar
d9f418eed9eb132407ca212c8cc06a13c6eab879a49312b6c9946020d1b90306  tor-brows=
er-linux32-4.0.3-4.0.4_es-ES.incremental.mar
b277a5431252999c760043408b9843646511a7397a9dea4f3836fab4beb305b8  tor-brows=
er-linux32-4.0.3-4.0.4_fa.incremental.mar
d5509dc074869b2836cb15f43d86db25adc9a21629562193efbc3cd9c7cce78e  tor-brows=
er-linux32-4.0.3-4.0.4_fr.incremental.mar
e996e886281d690f4af0dbea452871edc1bd184d7e3342157504de065486daf3  tor-brows=
er-linux32-4.0.3-4.0.4_it.incremental.mar
3593c8d74979535fbb3aea06c0e6f193122f6007bc9210870add88549470eea0  tor-brows=
er-linux32-4.0.3-4.0.4_ko.incremental.mar
4a9156971527fe19f5d23f7142f09d1422d66d865397f00838e78a754ccf3fa2  tor-brows=
er-linux32-4.0.3-4.0.4_nl.incremental.mar
0ff73b7157edee91224e2e2caea1029942142d22ffb71749ef98fea7103adb07  tor-brows=
er-linux32-4.0.3-4.0.4_pl.incremental.mar
42c27e4106839fe78e6f4e5e2a6db610d4b2852a3ebe79431917ff2ddcb1f412  tor-brows=
er-linux32-4.0.3-4.0.4_pt-PT.incremental.mar
f5df08ec02179b676b2ddad833bffbb7fdbe9fdc12107ec58a5bcf285a4e4fcd  tor-brows=
er-linux32-4.0.3-4.0.4_ru.incremental.mar
6ab7cc22d9052602070b4fbdf0c4c5c652ff794302cb3d2e14d6c1dd70dd2ea2  tor-brows=
er-linux32-4.0.3-4.0.4_tr.incremental.mar
79d4289910a2b124059b8dd98577dde8241bcbd007ffeec03c92e1decf717b79  tor-brows=
er-linux32-4.0.3-4.0.4_vi.incremental.mar
209f55e7112536374fd8cc873f85806f8e154ed91a2756ed21c27e2837787abc  tor-brows=
er-linux32-4.0.3-4.0.4_zh-CN.incremental.mar
31a1c65834c345a977d395b8fc393e30d0087159dfa34eaba15e868d827e7757  tor-brows=
er-linux64-4.0.3-4.0.4_ar.incremental.mar
7b3ffe728ab414fd4e93fbb5b382eeeb6cb6d77e45f069ebd0bff77ec155d78a  tor-brows=
er-linux64-4.0.3-4.0.4_de.incremental.mar
ec51924f1e45fc49bc7eee3fa7897f78dfb048397114a163f2a65111a96cfad1  tor-brows=
er-linux64-4.0.3-4.0.4_en-US.incremental.mar
194f9d82f552d8fb0de22c1246928a292a144a6c247e82804dd792064f7446af  tor-brows=
er-linux64-4.0.3-4.0.4_es-ES.incremental.mar
c028f5c38acc5d4bf88b134ff6d147ecef97a6861bcc221aae95c73454de96f4  tor-brows=
er-linux64-4.0.3-4.0.4_fa.incremental.mar
23d4d2033d506f7f0765f81c9eb618c7509175724a59204dd7365a6ded3ee375  tor-brows=
er-linux64-4.0.3-4.0.4_fr.incremental.mar
da11d97b708624fd180fc2a2e78ddff3068db433dd214d85efce6cc4ad47b594  tor-brows=
er-linux64-4.0.3-4.0.4_it.incremental.mar
7174322c0614b6e550410d43016457ff19620b741d9f0531847df91e73fbc5a5  tor-brows=
er-linux64-4.0.3-4.0.4_ko.incremental.mar
6d875b7746465a7cfb7be60c192f54d97e23da3d6806d8eca67936f98ac449f8  tor-brows=
er-linux64-4.0.3-4.0.4_nl.incremental.mar
0087c11270eeaeae364e95e14f05ee56997862159b2ab42d5326682fcb86841a  tor-brows=
er-linux64-4.0.3-4.0.4_pl.incremental.mar
7d163e2d72cac82f7eefbd4e35d9b77db43b184bed8eabe9cd77c02087cfe8ce  tor-brows=
er-linux64-4.0.3-4.0.4_pt-PT.incremental.mar
f605cc355568cf8bb0f32508aae6854edd07e6773cbae83423d865a68fa0171c  tor-brows=
er-linux64-4.0.3-4.0.4_ru.incremental.mar
5f397d6d0d0e305521256f1d155ac5dc5afc3999e81b481c04b839ef647bbf0f  tor-brows=
er-linux64-4.0.3-4.0.4_tr.incremental.mar
5ddcf65897d91b889a72c3fc7d100d202bfaafc3801165169acc2553ec30d545  tor-brows=
er-linux64-4.0.3-4.0.4_vi.incremental.mar
7e3c65af4624c16d4b15d0dc9d1cdaa30648e509d137f2696ae826d13d08fd87  tor-brows=
er-linux64-4.0.3-4.0.4_zh-CN.incremental.mar
58f29a33aa20bec9fddeb750a643553063350362f6cd1d9b5a310350ec1886b4  tor-brows=
er-osx32-4.0.3-4.0.4_ar.incremental.mar
c5968b74eb54cd18e2c430517fa35379f0d3be2aa3422ac8ab1831a631ae1478  tor-brows=
er-osx32-4.0.3-4.0.4_de.incremental.mar
a814206039b9b5327d8981d06c6fd3310e3d4ae4216f4f91adce32e146517462  tor-brows=
er-osx32-4.0.3-4.0.4_en-US.incremental.mar
b2b05ac8fd2b37a43b4dae4312ad5660761576254f023cb804735a269b22ad5f  tor-brows=
er-osx32-4.0.3-4.0.4_es-ES.incremental.mar
6a53a941e92f6fb8ed5cd10767339fcebb043f1d73b3ecd28bf2829c3c3bed57  tor-brows=
er-osx32-4.0.3-4.0.4_fa.incremental.mar
ddacc28b55ff9dfb61665a582ab55accfaa0a3a361a89c02a7cd267c135f6a52  tor-brows=
er-osx32-4.0.3-4.0.4_fr.incremental.mar
3b57477610ea1a22230ff79ad5ee699bfedb7f9a14c8ff1709e59a600aa7d7e5  tor-brows=
er-osx32-4.0.3-4.0.4_it.incremental.mar
0dacb844b83cf786b1c8e1d08e957beae9f34c06c31d5f04f26de22c699df97f  tor-brows=
er-osx32-4.0.3-4.0.4_ko.incremental.mar
d7c9f28f02f5fda41f6a0c7b6e9bb791c008d67dead1461c48cfd986c01c5323  tor-brows=
er-osx32-4.0.3-4.0.4_nl.incremental.mar
94fdd46f81f2b50d13ef7cb01f5f48f6602690e5fa500d3e8ef01cb6aa1ee4cb  tor-brows=
er-osx32-4.0.3-4.0.4_pl.incremental.mar
b42912dd4c18010aa73976b26d0c9435fc8736e2ca4b6103a229375889aa5a95  tor-brows=
er-osx32-4.0.3-4.0.4_pt-PT.incremental.mar
e7c633186cb6e0b326d9479d902bfd9791e0e0a744ff450b4595f2aa4fbbe189  tor-brows=
er-osx32-4.0.3-4.0.4_ru.incremental.mar
6b383116af2ad6ac045409734fd4f1e49f647e4d519318715de36b20a0b11e1f  tor-brows=
er-osx32-4.0.3-4.0.4_tr.incremental.mar
d87ea45209ef8498b229d46655d04bb8a8cb94972e6188f67e9ae4f6a4750c50  tor-brows=
er-osx32-4.0.3-4.0.4_vi.incremental.mar
0fd4968b53187338500be4a213b8c81919dd2a2f78e10a3fa4d96b0b99061215  tor-brows=
er-osx32-4.0.3-4.0.4_zh-CN.incremental.mar
0cd2f1dfd67cc6cbac4c4f0110af09ad70a35daee98d51649682e1f438dd8762  tor-brows=
er-win32-4.0.3-4.0.4_ar.incremental.mar
ac20e10841b0859011fc105fbfb54a14f23badb61f101209d1face97a63bc3f2  tor-brows=
er-win32-4.0.3-4.0.4_de.incremental.mar
fcfe6df50b71824c2b0a6488e3939a05bd567b4ab7668a78e8198ec965c70a7d  tor-brows=
er-win32-4.0.3-4.0.4_en-US.incremental.mar
f3be796a961c068c9b214ca1f0c251a93a6cb23d90700609ac9944b82ded7e0b  tor-brows=
er-win32-4.0.3-4.0.4_es-ES.incremental.mar
ac1d28985b54eaac7f946188c06470174c6a56545af0640a3fdc2c012fcea505  tor-brows=
er-win32-4.0.3-4.0.4_fa.incremental.mar
21c71dde4b74385576b1cae4b646cd26543495b467e511889fe0d76258755135  tor-brows=
er-win32-4.0.3-4.0.4_fr.incremental.mar
f6fde39e25ca3ed9f5c945dbb23a825d7cc118dd8cb47b0618c6fc83b561bf45  tor-brows=
er-win32-4.0.3-4.0.4_it.incremental.mar
fd94e41b80faa2bf3ca35d2e71a9e5835e6939e50465730dde56b42ed618c2dc  tor-brows=
er-win32-4.0.3-4.0.4_ko.incremental.mar
9bd83d7c0d289db642a7169fd1cbe507e2d00f3bd882eee0d112eb1215a9be71  tor-brows=
er-win32-4.0.3-4.0.4_nl.incremental.mar
34e72128f73356c4a35ab296cf2913d6e09f3e8176f39dd08e44ecb769072dd5  tor-brows=
er-win32-4.0.3-4.0.4_pl.incremental.mar
fe12fa9567eddc9746ec9e99a47760b97515f027bfeb51fe362717e281afe6af  tor-brows=
er-win32-4.0.3-4.0.4_pt-PT.incremental.mar
63902f59c5483266fc635564ef9dc0579d4743e721efebac6d6a882372551a5f  tor-brows=
er-win32-4.0.3-4.0.4_ru.incremental.mar
35e9360924db464e7257115bdd1715eac13601391765214cd8ee656331df6920  tor-brows=
er-win32-4.0.3-4.0.4_tr.incremental.mar
547ba42acc888e0206c0ed18592f565be3cc79992fd617edd8d27bf7b98269b7  tor-brows=
er-win32-4.0.3-4.0.4_vi.incremental.mar
7502bc994b4ce44bfa0ece11e4f8bbdbf39967a8feae55b115e7fdc8368e1dd3  tor-brows=
er-win32-4.0.3-4.0.4_zh-CN.incremental.mar
=89=02=1C=04=00=01=02=00=06=05=02T=ED=7F=F6=00
	=10p=17=AD=CE=F6\ 6V=CD=0F=FFxj^=00U=D7=1F=E6=16=95=8F=BE?]=E9=D0=9ASs;=FB=
=DA=93W=8Di"=A6(S(d=D6=08f=A6"=D7k=B7=8D=A7r=E5w=99X=91=DC=D8B"=05MS$F=08_=
=08=A4:=15=EAe=C8R=C5|=15@=E4D=D1y=0FE/P=1Eq=E8=05%=12=B7=3Da&}=93=9D=82=BD=
=11=1C=1C=D8f=BE.=17=FAnN3=17=18=17u=93=C7=02H=18=F5=BC=13BR=96=19=A3p=FC=
=D53=AB=C4=A9g-z@=98=172=DB=B2=0D=B0=F4T=CF=D9=8B.|=A8F=9F=89&#F=8F=0D9=BD=
=BAsU=C4O=DF;=FB=FD'/=8DO=019=89=03I=AF=EB=0F^=82)=88=9F=1C=EE=87qedG=92_d=
=B7^=AE'=88=92X.=A2=FBg=C5=99=A8=FCd=B4=AD=C3=D4c =B6=92=18=C89=8Dtu=D4=E8=
=BE=F2S=8CH=AD=90yS_#=C1=F7=A3TO=91f=FF=FE.2=9Ft=FF=B2=85=D6z=C5=887=CDt=AD=
k6=E6r.=90=DE=CE=C04=1BK=D93=A4=D6=AD=A7=E1=12=3D=EF=D0e=C6=D4=E1=DB/=E1=F3=
0Vd=C1=C9=1FB=E6{=B38=98Z=B6=FB=0CPe=0F=8C(=C5=F9SL"w=A8xB=D4=B4{=B5=8Csvi=
=3D=08=DF=E13>C=9B=AF:=EC=A5%"G=0EYe=CD=93<}=C4=FB=9Bd0=AB=04TLr.=8F=A0=DB?=
=E1=07=18=91=7F\!=87=FA
=97=0B<=00=E4=BD;r=B4\=9F\=0CZp=C6=A4i=90=DDmL=82=9B=B2=EF=A3=0CIX=DA=ACQ=
=15=B3=C3=1C=19D=19=F0=FBjD=9C	=BD=979A2VA=F3=90=C2!x=E3=7F@=D4gO=18=9A=1D=
=8DW,=F2=AB=8F=C6=EF=C4=18=F3=C3F=F7=1Ck=CAEHm=87@M \p/=05=A4Q=7F=AD=CD=0B=
=BAU=D4=93=ED=DC[=A3=88z=CC=8B=B5=81~=B7(=BF=CB=1D=12"{=BE=152=CC=8C=B1=9C=
=15=A1u
--Lhc3Z8HNH87hA+pb--

--vqH4NJnLjcTi6fE3
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJU8fmDAAoJELFnvrFg/L45irIH/RcmAAQ8ngN4D+tkpaSStjAL
ezk+o5qFdSLU3T+rIb3+kgFKb1DRTbwR1swob4d8rq6FZbGaWIZ3Edv13fzZI8Ai
Mi4lPLQIRMrxbiOFYBGNcigDPy5Fz/qQZKVDO7lMl4edCRfNnyNSEhIypuTr0YMB
q9RCv+xGK9r8SGRnRV297fj0FLT7fHtcPK8um/lpFxiGBqXmCVzaZRo2nMZJ3NGM
q9Rwapz28aPrE1ISFfgw2ig0Vv9Fzy7is7xp/mw4vKqmF4kZUpRXRexfyghKDjFK
NAib8aV/Jgl7b6baQoPj29iuR6fOi6TRqgVr8qf160ft20RqTFpoR/RpEfYI9IY=
=XgGR
-----END PGP SIGNATURE-----

--vqH4NJnLjcTi6fE3--

--===============4889336519955244921==--

