On Wed, 14 Jan 2026 16:52, Jeffrey Walton said: > If you can provide a non-trivial Proof of Concept for a DoS or a wild > memory write, then I would like to see it.
Yes, this would trigger action here on our site. Gniibe documented this as https://dev.gnupg.org/T8032 and I added this comment: Some historic integer encoding glitches from Peter Gutmann's style guide: Some Microsoft software will generate negative values about 50% of the time whenever it encodes anything as an INTEGER because it ignores the fact that the top bit of an integer is the sign bit (this is still occurring in programs released as recently as early 1998). Telesec: The certificates encode INTEGER values incorrectly by setting the high bit, which makes them negative values. This is particularly problematic with RSA keys since they use a hardwired exponent of 3,221,225,473 (!!!) which always has the high bit set (0xC0000001), so all the RSA certificates have invalid encodings. This was corrected in late 1999. The encoding of the Certificate may follow the BER rather than the DER. At least one implementation uses the indefinite-length encoding form for the SEQUENCE. And I don't expect that that everything is correct now. As long as we don't have a clear security issue here, we should not add extra constraints on DER or even BER parsing. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
