[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #13379 [Tor Browser]: Sign our MAR files

#13379: Sign our MAR files
     Reporter:           |      Owner:  mcs
  mikeperry              |     Status:  needs_review
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  tbb-security,
  Browser                |  TorBrowserTeam201412,TorBrowserTeam201412R
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |

Comment (by mcs):

 Replying to [comment:41 gk]:
 > Okay, here is what I've got so far:
 > 1) `signmar.sh` is not executable

 Ugh.  Kathy and I messed up the file mode when we created a new branch
 (where we merged in boklm's changes and applies other small fixes).  We
 will fix it.

 > 2) I don't get the update working it seems. I get
 > {{{
 > ERROR: Unsupported signature algorithm (SHA1 with RSA).
 > ERROR: Unsupported signature algorithm (SHA1 with RSA).
 > }}}
 > How do I debug this? Any ideas? I did the following:
 > 1) I created two certificates and added them atop of your tor-browser
 changes (commit 14447aca2f31c56ccadc289cef5f756e97d1f3a9) and tagged that
 (I just checked that I really included the 4k-bit certs with SHA-512)
 > ...
 > 9) `update.log` shows basically "failed: 19" and the above error
 messages are shown

 Based on the info you provided, I think the MAR file has been signed using
 the older (now wrong) algorithm.  Kathy and I added the "Unsupported
 signature algorithm (SHA1 with RSA)" log message to make it easier to
 detect this situation.  But it sounds like you did everything correctly.
 Is there any chance you used an older signmar program (from mar-tools)?
 If you used the signmars-alpha make target the correct signmar should have
 been used though.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:42>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
tor-bugs mailing list