From: Murray S. K. <ms...@se...> - 2006-05-09 23:22:33
SM wrote:
> I meant to say that the Received: headers are reordered during
> canonicalization. I didn't mean omitted from the signature.

Thanks for your help with tracking this down.

The issue appears to be the injection of a message with duplicate but separated headers. For example, a dummy message like so:

    Received: data 1
    Received: data 2
    From: ms...@se...
    To: sa...@se...
    Subject: test test blah foo

...will sign and verify just fine. If you add "-H" (which adds the "h=" header order tag to the signature), you can even tinker with the order for the most part and it will continue to work. However, if you insert any of those headers between the two Received: headers, the signatures begin to fail.

The reason for this appears to be that the header sorting and canonicalizing code anticipates your use of "-H" and thus groups like headers when canonicalizing. As such, the above instance will always work, but without "-H" this ordering will always fail:

    Received: data 1
    From: ms...@se...
    Received: data 2
    To: sa...@se...
    Subject: test test blah foo

If you don't use "-H", the verifier won't know you did the grouping when signing and will replay the headers in their original order. So the sender's canonical form is what's above, but the verifier's is what's below, and you're sunk because they don't match.

I'll open this as a bug and get it fixed as soon as I can.
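Added example, not part of the original message and not the signing software's own code: a simplified Python model of the mismatch described above, where the signer groups like headers and the verifier replays them in original order unless an "h=" list is present. The function names, the SHA-1 digest standing in for the signature, and the example.test addresses are assumptions made for illustration.

```python
import hashlib

def parse(lines):
    """Split constructed 'Name: value' lines into (name, value) pairs."""
    return [tuple(part.strip() for part in line.split(":", 1)) for line in lines]

def group_like(headers):
    """Signer-side order as described in the post: like headers are grouped,
    each group placed where its field name first appears."""
    names = []
    for name, _ in headers:
        if name.lower() not in names:
            names.append(name.lower())
    return [h for n in names for h in headers if h[0].lower() == n]

def digest(headers):
    """Hash of the ordered header block (stand-in for the real signature)."""
    canon = "".join(f"{n}:{v}\r\n" for n, v in headers)
    return hashlib.sha1(canon.encode()).hexdigest()

def sign(headers, with_h):
    """Sign the grouped form; record the header order only when with_h is set."""
    grouped = group_like(headers)
    return {"digest": digest(grouped),
            "h": [n for n, _ in grouped] if with_h else None}

def verify(headers, sig):
    """Without h=, replay headers as received; with h=, follow the listed order."""
    if sig["h"] is None:
        replay = headers
    else:
        pool, replay = list(headers), []
        for name in sig["h"]:
            match = next((h for h in pool if h[0].lower() == name.lower()), None)
            if match is not None:
                replay.append(match)
                pool.remove(match)
    return digest(replay) == sig["digest"]

def affected(headers):
    """True when grouping changes the order, i.e. the failing case without h=."""
    return group_like(headers) != headers

# Constructed sample messages mirroring the two orderings in the post.
GROUPED = parse(["Received: data 1", "Received: data 2",
                 "From: sender@example.test", "To: rcpt@example.test", "Subject: test"])
SEPARATED = parse(["Received: data 1", "From: sender@example.test",
                   "Received: data 2", "To: rcpt@example.test", "Subject: test"])

if __name__ == "__main__":
    for label, msg in (("grouped", GROUPED), ("separated", SEPARATED)):
        for with_h in (False, True):
            print(label, "h=" if with_h else "no h=", verify(msg, sign(msg, with_h)))
```

The affected() check can be run over a message's headers before signing to flag the duplicate-but-separated case that fails when no header order list is sent.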