0.82: self test failure

[0-wiz-0]

When running the self tests for 0.82 from CPAN with perl-5.28 on NetBSD and TEST_SIGNATURE=1 in the environment, I see the following errors:

PERL_DL_NONLAZY=1 "/usr/pkg/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'inc', 'blib/lib', 'blib/arch')" t/*.t
t/0-signature.t .. Error verifying signature: Message hash does not match signature checkbytes
# Looks like your test exited with -1 before it could output anything.
t/0-signature.t .. Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 1/1 subtests 
t/1-basic.t ...... ok   
t/2-cygwin.t ..... skipped: Cygwin only tests
t/3-verify.t ..... 5/6  
#   Failed test 'dir[t/test-datmix-signew]system[/usr/pkg/bin/perl -I../../lib/ ../../script/cpansign -v]ret[65280]out[]err[Error verifying signature: Message hash does not match signature checkbytes
# ]diff[]'
#   at t/3-verify.t line 20.

#   Failed test 'dir[t/test-datmix-sigold]system[/usr/pkg/bin/perl -I../../lib/ ../../script/cpansign -v]ret[65280]out[]err[Old SIGNATURE detected. Please inform the module author to regenerate SIGNATURE using Module::Signature version 0.82 or newer.
# Error verifying signature: Message hash does not match signature checkbytes
# ]diff[]'
#   at t/3-verify.t line 20.
# Looks like you failed 2 tests of 6.
t/3-verify.t ..... Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/6 subtests 

Test Summary Report
-------------------
t/0-signature.t (Wstat: 65280 Tests: 0 Failed: 0)
  Non-zero exit status: 255
  Parse errors: Bad plan.  You planned 1 tests but ran 0.
t/3-verify.t   (Wstat: 512 Tests: 6 Failed: 2)
  Failed tests:  5-6
  Non-zero exit status: 2
Files=4, Tests=8, 15 wallclock secs ( 0.03 usr  0.00 sys +  4.17 cusr  0.50 csys =  4.70 CPU)
Result: FAIL
Failed 2/4 test programs. 2/8 subtests failed.
*** Error code 2

[audreyt]

Yes, it seems the part using Crypt::OpenPGP is broken and this is a regression. I can repro this just by moving gpg away from $PATH.

@niklasholm would you like to look into it?

[niklasholm]

I cannot get Crypt::OpenPGP to run on my system so I can't really troubleshoot, but I didn't touch the OpenPGP code so I don't know what could be wrong. Only two of the tests fail however so the issue might be with the SIGNATURE files I generated and/or some bug in Crypt::OpenPGP. @audreyt, could you try resigning them with your setup and see if that resolves it?

[audreyt]

t/0-signature.t fails with the new release and not the old one, and it's using the SIGNATURE file signed by me, so maybe it's not it... I wonder if it's related to the SHA256 change?

[niklasholm]

Maybe, if Crypt::OpenPGP can't handle signatures using SHA256 digests. The SHA256 default setting does not affect the algorithm chosen by GPG, it's likely determined by GPG's configuration.

PR #24 adds two flags to the gpg configuring it to use RIPEMD-160 if possible, otherwise revert to the OpenPGP standard.

Please test if this resolves the issue.

[niklasholm]

Also you could try something like

#!perl
use Crypt::OpenPGP;
my $pgp = Crypt::OpenPGP->new(
   Compat => "GnuPG",
   AutoKeyRetrieve => 1,
   KeyServer => "pool.sks-keyservers.net"
);
my $res = $pgp->verify(SigFile => "./SIGNATURE");
if (defined $res) {
   if ($res) { print "Success\n"; } else { print "Failure\n"; }
} else {
   print $pgp->errstr . "\n";
}

on the SIGNATURE file alone just to confirm if the error occurs without our code.

EDIT: Arguments added to new()

[0-wiz-0]

I added a ';':

#!/usr/pkg/bin/perl
use Crypt::OpenPGP;                                     
my $pgp = Crypt::OpenPGP->new;                               
my $res = $pgp->verify(SigFile => "./SIGNATURE");               
if (defined $res) {                                                        
   if ($res) { print "Success\n"; } else { print "Failure\n"; }                                                         
} else {
   print $pgp->errstr . "\n";                                                                                                                                    
}

running this gives me

Could not find public key with KeyID f5e3cf4b09d37fa8

[niklasholm]

The public keys should be imported during module configuration. Did you try that first?

[audreyt]

I've re-uploaded my public keys to pool.sks-keyservers.net.

However, It doesn't seem like RIPEMD160 helps... Running the snippet above still gives:

Message hash does not match signature checkbytes

I've checked in the SIGNATURE file into source control to facilitate testing.

[0-wiz-0]

I hadn't run configure for this test, but I just tried again after a build & test, and it didn't work either, same error. I don't see a message about keys being imported:

Checking if your kit is complete...
Looks good
Generating a Unix-style Makefile
Writing Makefile for Module::Signature
Writing MYMETA.yml and MYMETA.json
===> Building for p5-Module-Signature-0.82
--- blib/lib/Module/.exists ---
--- blib/arch/.exists ---
--- blib/lib/auto/Module/Signature/.exists ---
--- blib/arch/auto/Module/Signature/.exists ---
--- blib/bin/.exists ---
--- blib/script/.exists ---
--- blib/man1/.exists ---
--- blib/man3/.exists ---
--- config ---
--- subdirs ---
--- dynamic ---
--- pm_to_blib ---
--- blib/script/cpansign ---
--- blibdirs ---
--- config ---
--- dynamic ---
--- linkext ---
--- blib/script/cpansign ---
cp script/cpansign blib/script/cpansign
"/usr/pkg/bin/perl" "-Iinc" -MExtUtils::MY -e 'MY->fixin(shift)' -- blib/script/cpansign
--- pm_to_blib ---
cp lib/Module/Signature.pm blib/lib/Module/Signature.pm
--- pure_all ---
--- pure_all ---
--- manifypods ---
Manifying 1 pod document
Manifying 1 pod document
--- all ---
...
Manifying 1 pod document
Manifying 1 pod document
Installing .../work/.destdir/usr/pkg/lib/perl5/vendor_perl/5.28.0/Module/Signature.pm
Installing .../work/.destdir/usr/pkg/lib/perl5/vendor_perl/man/man1/cpansign.1
Installing .../work/.destdir/usr/pkg/lib/perl5/vendor_perl/man/man3/Module::Signature.3
Installing .../work/.destdir/usr/pkg/lib/perl5/vendor_perl/bin/cpansign
Appending installation info to .../work/.destdir/usr/pkg/lib/perl5/5.28.0/x86_64-netbsd-thread-multi/perllocal.pod

In the pkgsrc framework, $HOME is overridden, but there are no files in the temporary home even after a test run:

# ls -al work/.home/                                                                                                                                            
total 4
drwxr-xr-x   2 foo  bar     0 Aug 30 04:39 .
drwxr-xr-x  17 foo  bar  2448 Aug 30 04:39 ..

As a side note, i don't think that installing a perl module should change the keys in the public key ring of the user building it.

[niklasholm]

I can reproduce this on a Ubuntu 18.04 virtual machine using Crypt::OpenPGPalone without any involvement from our code.

$ echo "Hello World" | gpg --clearsign --openpgp > SIGNATURE

$ gpg --verify SIGNATURE
gpg: Signature made Thu Aug 30 09:25:59 2018 CEST
gpg:                using RSA key DC2E4D7BC23244C84F9FED91AAD7FCF71AAF8826
gpg: Good signature from "Niklas Holm (Signing key for testing) <[email protected]>" [ultimate]

$ gpg --export > pubring.gpg

$ perl test-openpgp.pl
Message hash does not match signature checkbytes

test-openpgp.pl:

#!/usr/bin/perl
use Crypt::OpenPGP;
my $pgp = Crypt::OpenPGP->new(
    Compat => "GnuPG",
    PubRing => "./pubring.gpg",
);
my $res = $pgp->verify(SigFile => "./SIGNATURE");
if (defined $res) {
    if ($res) { print "Success\n"; } else { print "Failure\n"; }
} else {
    print $pgp->errstr;
}

SIGNATURE:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello World
-----BEGIN PGP SIGNATURE-----

iQGzBAEBAgAdFiEE3C5Ne8IyRMhPn+2Rqtf89xqviCYFAluHnAcACgkQqtf89xqv
iCYhEAv/eKfwvO33RPUYWVhGf2XU27ZmeadRNgzHnnFm3G9C1Mpcuif+aXBRdCUK
scjnqifmCHicTaW9kmKoE37WvBwGPeRUJ6/uLP+SXTHJ7syuBjrJZC8RvzDi6mq+
Pbij8++gl6GQnKezuioXPR3IQaNVXxsMH/sTfFVEtssc4UZ2wp2fxxHCqhp4EVdM
bs5qxgMw932rovnmseWS9V33zQWzmWgpBbtB8Z419G4u42divRHzDD4Dgst7tIKq
zLO0Th0zNCy/ij+Uqr5n4lTQkAhGZA5TrOtlFCB7PUApFU4j/0JeiqxvfaMQP9h7
/2zEy9wV1SX2+JUN7IEfca83Z8exl71egFQpPmZP3OQUl9kkEUpMNO4wTemcTwal
utfODcaxV7glIHsWzbdlEAoD4SpVjk1csyx+P7Pv8hCosp6XBLk1/7eYAyrwxRqu
z0elQeP6++q2bVUBt95tAFqm05K9tSpvOfeoTQQ42A709nm2KSZHZ8e7Jhc8LlWx
K4LinVc8
=pl0j
-----END PGP SIGNATURE-----

In other words this is a bug in Crypt::OpenPGP or, less likely, in GnuPG.

$ uname -a
Linux bionic-vm 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

$ perl -v | awk 'NR==2 {print $0}'
This is perl 5, version 26, subversion 1 (v5.26.1) built for x86_64-linux-gnu-thread-multi

$ gpg --version | head -n2
gpg (GnuPG) 2.2.4
libgcrypt 1.8.1

$ perl -MCrypt::OpenPGP -le 'print $Crypt::OpenPGP::VERSION'
1.12

[audreyt]

So maybe it's Crypt::OpenPGP breaking compatibility with GnuPG 2? The difference may well be that the previous SIGNATURE files were generated by GnuPG 1.

[niklasholm]

Okey so I've also done the same test on an earlier Ubuntu release with GnuPG v1.4. There the signature verifies successfully but only if using SHA1 as the signature digest. It seems Crypt::OpenPGP is buggy as hell.

[niklasholm]

To summarize: Currently Crypt::OpenPGP only works with SIGNATURES generated by GnuPG <= 1.4 and only with MD5 and SHA1, which are both broken. Great.

[niklasholm]

Bug filed: RT#126994

For our part, I guess the only solution, for the time being, is to use SHA1 when signing and check that gpg's version is less than 1.9.

[niklasholm]

GnuPG 2.1.16 introduced an additional signature subpacket by default, and I've confirmed that downgrading to 2.1.15 or lower gets rid of the "Message hash does not match signature checkbytes" part of the issue. Verification still fails for anything other than MD5 and SHA1 though.