wu-ftpd-2.6.2 fails GPG & PGP2 signature verifications, passes PGP6!

Hugh Daniel hugh at road.xisp.net
Sat Dec 1 06:14:11 EST 2001


  UPDATE:  My email below is suspect in that I was finally able to get
a 'valid signature' result using pgp-6.5.8, but one that had been
installed from an RPM and not source (to my knowledge the 'matching'
source fails to compile still) and thus I myself do not place much
trust in that version of PGP.

  There is still a huge problem here, but now more with PGP, as simple
file signature validations should NOT be failing across different
versions of the horrid PGP/GPG/OpenPGP mess.

  Frankly, I am at a bit of a loss as to a reasonable course of action
in this case.  I don't trust any of the pieces at this point and thus
none of the results.  I guess I will just turn off wu-FTP on any
servers I have and hope for a better day...



  Below is the original email I wrote a couple of hours ago; the part
near the end about the poor key is still quite valid, the rest
might be as well...:



  I was quite glad to see a new wu-ftpd come out today, but I will not
be installing it (or even opening the tar file) as it does not verify
against its own signature with either GPG or PGP2.  This is VERY bad,
as you should have tested this before posting the .gs/.asc files, or
you have been hacked.

  There are some other possibilities that are bad as well, like your
PGP got screwed up doing its math and thus might be exposing parts of
your secret key.  Likely none of them are good.

  This deserves immediate attention, more than just generating a new
signature.  You folks need to audit the code tar file vs. the
repository.  You might want to go over the whole thing (CVS source of
wu-ftpd and any libraries/tools/etc. you ship in the tar file) if you're
willing to be _really_ paranoid.

  First though, you need to withdraw the tar file from public release.
I know that hurts, but it's the right thing to do from a security
standpoint.  Once you resolve what happened and that you can produce
a new clean (not possibly infected) source tree, then you should
release under a new version number and signature.  You might even
build a new signing key with some outside signatures if this key was
kept online anywhere that might have been gotten to as...

  You also need to work on your signing key; it's not very useful with
only three keys on it, and for only one of them (itself...) can I
find a matching key.  There is thus no web of trust, as no one
outside your group seems to have signed the key or knows the other two
sigs on your key.

  I will append some output from GPG (1.0.6, current) and PGP
(2.6.3ia, the only useful one) that shows the failures I am
reporting.  I did try various other combinations; all of them resulted
in signature failures.  I have downloaded on two different machines,
multiple times etc., all the 2.6.2 files from:
	ftp://ftp.wu-ftpd.org/pub/wu-ftpd
and found them all to fail signature verification.

  Please note that I am acting in a 'security paranoid' mode here and
in general quite value the fact that many of you have put much work
into WU-FTPD, and wish to express my thanks for your time and efforts.
Thanks for your efforts.

		||ugh Daniel
		hugh at freeswan.org

			Systems Testing & Project mis-Management
			The Linux FreeS/WAN Project
			http://www.freeswan.org


Appendix: various runs of PGP2, PGP6 & GPG on two different hosts:


ahost$ gpg --verify wu-ftpd-2.6.2.tar.gz.asc wu-ftpd-2.6.2.tar.gz
gpg: Signature made Fri 30 Nov 2001 05:19:52 AM PST using RSA key ID 62885875
gpg: BAD signature from "WU-FTPD Development Group <wuftpd-members at wu-ftpd.org>"


ahost$ gpg --list-keys 0x62885875
pub  1024R/62885875 1999-05-22 WU-FTPD Development Group <wuftpd-members at wu-ftpd.org>


ahost$ pgp wu-ftpd-2.6.2.tar.gz.asc  wu-ftpd-2.6.2.tar.gz
Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses.
(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
International version - not for use in the USA. Does not use RSAREF.
Current time: 2001/12/01 09:36 GMT

File has signature.  Public key is required to check signature.

File 'wu-ftpd-2..$00' has signature, but with no text.
Text is assumed to be in file 'wu-ftpd-2.6.2.tar.gz'.
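The runs above show why a release check should not stop at the human-readable "BAD signature" line: the result has to be parsed reliably and a bad, missing or wrong-key signature has to abort the install. The following POSIX sh helper is an added example, not part of the original mail or of the wu-ftpd project. It relies on GnuPG's machine-readable `--status-fd` output (the `VALIDSIG`, `BADSIG`, `ERRSIG`, `NO_PUBKEY`, `EXPKEYSIG` and `REVKEYSIG` lines) and pins the signer to an expected fingerprint; the fingerprint value is a placeholder, since the page does not give the real one, and the status lines used in the usage section are constructed.

```shell
#!/bin/sh
# Added example (not from the original mail): verify a detached signature
# with GnuPG and decide solely from its --status-fd lines.
# EXPECTED_FPR is a placeholder; replace it with the fingerprint you
# obtained out of band (not from the same download as the tarball).
EXPECTED_FPR="0000000000000000000000000000000000000000"

# check_gpg_status EXPECTED_FPR
#   Reads "[GNUPG:] ..." status lines on stdin.
#   Succeeds (returns 0) only when a VALIDSIG line names the expected
#   fingerprint AND no BADSIG / ERRSIG / NO_PUBKEY / EXPKEYSIG / REVKEYSIG
#   line appears.  Anything else, including empty input, is a failure.
check_gpg_status() {
    expected="$1"
    valid=0
    bad=0
    while IFS= read -r line; do
        case "$line" in
            "[GNUPG:] VALIDSIG $expected "*)
                valid=1 ;;                    # right key, good signature
            "[GNUPG:] BADSIG "*|"[GNUPG:] ERRSIG "*|"[GNUPG:] NO_PUBKEY "*)
                bad=1 ;;                      # file or signature does not match
            "[GNUPG:] EXPKEYSIG "*|"[GNUPG:] REVKEYSIG "*)
                bad=1 ;;                      # key expired or revoked
        esac
    done
    [ "$valid" -eq 1 ] && [ "$bad" -eq 0 ]
}

# verify_release SIGFILE TARBALL
#   Runs gpg non-interactively, sends status lines to stdout and pipes them
#   through check_gpg_status; stderr (the human-readable text) is discarded
#   because it is not what the decision is made on.
verify_release() {
    sig="$1"
    file="$2"
    gpg --batch --status-fd 1 --verify "$sig" "$file" 2>/dev/null \
        | check_gpg_status "$EXPECTED_FPR"
}

# Usage with the file names from the mail; refuse to unpack on failure.
#   if verify_release wu-ftpd-2.6.2.tar.gz.asc wu-ftpd-2.6.2.tar.gz; then
#       tar xzf wu-ftpd-2.6.2.tar.gz
#   else
#       echo "signature check FAILED; not unpacking" >&2
#   fi
```

The point of pinning `VALIDSIG` to a fingerprint rather than accepting any `GOODSIG` is that a "good" signature from some other key you happen to have imported is still the wrong answer; and the separate `bad` flag makes sure that a run containing both a valid and a bad result (several signatures in one file) is rejected rather than accepted on the strength of the good one.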

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com