3

Disable caching of GPG passphrases in the GPG agent (CryptoUtil 1/3) by nabla-c0...

 1 year ago
source link: https://github.com/freedomofpress/securedrop/pull/6174
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Contributor

@nabla-c0d3 nabla-c0d3 commented on Nov 20, 2021

edited

Status

Ready.

Description of Changes

This PR disables the caching of GPG passphrases by adding default-cache-ttl 0 to the GPG agent's config.

  • This fixes a security issue where any GPG passphrase could be supplied to the GPG decryption code, as long as the corresponding decryption key's GPG passphrase was already in the GPG cache. The decryption code (more specifically the GPG binary) transparently retrieves from the cache the GPG passphrase for the right key, and then uses the key to decrypt the data. This happens regardless of what GPG passphrase was supplied by the caller.
  • AFAIK this issue is currently unexploitable. Exploiting it would require another another bug in the securedrop server code that would allow a malicious source to "ask" the server to decrypt another source's files/replies. In this scenario, the malicious source would not need to provide/guess the other source's GPG passphrase: the server would transparently retrieve it from its cache and decrypt the content; what this PR fixes.
  • This is part 1 of a set of 3 PRs to refactor the GPG code.
    • Part 2: #6184
    • Part 3: #6160 . That PR contains unit tests to ensure that the correct GPG passphrase must supplied to the decryption code.
All reactions

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK