Hi

So the header is not signed. Good to know.

I think we can ignore the spoofing issue. Yes, it is possible to spoof it, but on the other hand you can just omit it even if it is checked. I think this is a minor issue. If at all an issue. But as always I may have missed some important point. The important thing is that the accepted checksums are strong. With that in place I fail to see a security issue.

/ Ola

On Sun, 13 Sep 2020 at 09:37, Brian May <b...@debian.org> wrote:

> Ola Lundqvist <o...@inguza.com> writes:
>
> > Looking at the code and your email I have some concerns.
> >
> > Isn't the header part of the "signed" argument? If it is not, then there is
> > no point of checking it since you can then just change the header anyway.
> > If it is part of the signed message it is possible for the function to
> > decode it and check it.
> >
> > Does the calling application need to do the check, can't
> > CheckDetachedSignature do it?
> >
> > Or have I missed something?
>
> CheckDetachedSignature is called like:
>
> openpgp.CheckDetachedSignature(keyring, bytes.NewBuffer(b.Bytes),
>     b.ArmoredSignature.Body)
>
> b.Headers has the header we need to check, but we only pass the body
> b.Bytes and the signature b.ArmoredSignature.Body. As in the headers
> aren't covered by the signature (I assume there is a good reason...).
>
> Does this make sense now?
> --
> Brian May <b...@debian.org>
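
An added example, not part of the thread and not the library's code: because the armor Hash header sits outside the signature, a strong-hash policy can be enforced on the hash algorithm ID inside the version 4 signature packet, which the signature does cover (RFC 4880, section 5.2.4). The name signedHash, the allowlist and the sample bytes are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Allowlist keyed by OpenPGP hash algorithm ID (RFC 4880, section 9.4).
var strongHashes = map[byte]string{8: "SHA256", 9: "SHA384", 10: "SHA512"}

// signedHash reads the hash algorithm ID from a binary version 4 signature
// packet and applies the allowlist. That ID is part of the data the signature
// is computed over; the armor "Hash:" header is not.
func signedHash(pkt []byte) (string, error) {
	if len(pkt) < 2 || pkt[0]&0x80 == 0 {
		return "", errors.New("not an OpenPGP packet")
	}
	tag, hdr := pkt[0]&0x3F, 2 // new-format header, one-octet length
	if pkt[0]&0x40 == 0 {      // old-format header
		tag = (pkt[0] >> 2) & 0x0F
		hdr = 1 + (1 << (pkt[0] & 3)) // 1-, 2- or 4-octet length
		if pkt[0]&3 == 3 {
			hdr = 1 // indeterminate length
		}
	} else if pkt[1] == 255 {
		hdr = 6 // five-octet length
	} else if pkt[1] >= 192 {
		hdr = 3 // two-octet length
	}
	if tag != 2 || len(pkt) < hdr+4 || pkt[hdr] != 4 {
		return "", errors.New("not a version 4 signature packet")
	}
	id := pkt[hdr+3] // after version, signature type, public-key algorithm
	name, ok := strongHashes[id]
	if !ok {
		return "", fmt.Errorf("hash algorithm id %d is not on the allowlist", id)
	}
	return name, nil
}

func main() {
	// Constructed packet prefixes (not real signatures): old-format tag 2 header,
	// length, version 4, type 0x01, public-key algorithm 1 (RSA), hash ID.
	fmt.Println(signedHash([]byte{0x88, 0x04, 0x04, 0x01, 0x01, 0x02})) // SHA-1
	fmt.Println(signedHash([]byte{0x88, 0x04, 0x04, 0x01, 0x01, 0x08})) // SHA-256
}
```

The decision never consults the header, so editing or omitting it changes nothing.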