All subkeys must be followed by a binding signature by the primary key as per 
the OpenPGP RFC; enforce the presence and validity in the parser.
    
The implementation is as kludgey as they come to work around our simple-minded 
parser structure without touching API, to maximise backportability. Store all 
the raw packets internally as we decode them to be able to access previous 
elements at will, needed to validate ordering and access the actual data. Add 
testcases for manipulated keys whose import previously would succeed.

Depends on the two previous commits:
55d5811a10d5a4c5d965373f5841280a5f43d7ef and 
d2fcd5380fe3390e695a016727a695829a0a3610

You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1795

-- Commit Summary --

  * Only set MPIs for signature types we can handle
    https://github.com/rpm-software-management/rpm/pull/1795/commits/55d5811a10d5a4c5d965373f5841280a5f43d7ef
  * Refactor pgpDigParams construction to helper function
    https://github.com/rpm-software-management/rpm/pull/1795/commits/d2fcd5380fe3390e695a016727a695829a0a3610
  * Validate and require subkey binding signatures on PGP public keys
    https://github.com/rpm-software-management/rpm/pull/1795/commits/6a5ac9dd1330f304130985171666e261a31dd6c6

-- File Changes --

    M rpmio/rpmpgp.c (125)
    M tests/Makefile.am (3)
    A tests/data/keys/CVE-2021-3521-badbind.asc (25)
    A tests/data/keys/CVE-2021-3521-nosubsig-last.asc (25)
    A tests/data/keys/CVE-2021-3521-nosubsig.asc (37)
    M tests/rpmsigdig.at (28)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1795.patch
https://github.com/rpm-software-management/rpm/pull/1795.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1795
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
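The rule the PR description states (every Public-Subkey packet must be followed by a binding signature that is issued by, and verifies under, the primary key) as an added example in Python. This is not rpm's code or a port of the rpmpgp.c change: the packet list kept by parse_packets mirrors the "store all the raw packets" approach only in spirit, and validate_key, binding_signature, the toy RSA routines and the constructed GOOD_KEY / BADBIND_KEY / NOSUBSIG_KEY / NOSUBSIG_LAST_KEY samples are all assumptions made here. It handles only v4 packets with old-format headers, RSA/SHA-256 and one-octet subpacket lengths, and generates throwaway 512-bit keys in process; none of the crypto is production grade.

```python
"""Added example, not rpm's code: reject OpenPGP keys whose subkeys lack a valid binding signature
(RFC 4880 5.2.4, 11.1).  Assumes v4 packets, old-format headers, RSA/SHA-256, one-octet subpacket
lengths and toy-sized keys generated in process; none of this is production crypto."""
import hashlib, random

def _prime(bits):  # random probable prime via Miller-Rabin; demo only
    while True:
        p = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        r = ((p - 1) & (1 - p)).bit_length() - 1  # p - 1 == d * 2**r with d odd
        d = (p - 1) >> r
        if all(x in (1, p - 1) or any(pow(x, 2 << j, p) == p - 1 for j in range(r - 1))
               for x in (pow(random.randrange(2, p - 1), d, p) for _ in range(16))):
            return p
def rsa_keygen(bits=512):  # (n, e, d); far too small for real use
    p, q = _prime(bits // 2), _prime(bits // 2)
    return p * q, 65537, pow(65537, -1, (p - 1) * (q - 1))
def _emsa(digest, k):  # PKCS#1 v1.5 encoding of a SHA-256 digest (19-octet DigestInfo prefix)
    return b"\x00\x01" + b"\xff" * (k - 54) + b"\x00" + bytes.fromhex("3031300d060960864801650304020105000420") + digest
def rsa_sign(priv, digest):  # priv = (n, e, d)
    return pow(int.from_bytes(_emsa(digest, (priv[0].bit_length() + 7) // 8), "big"), priv[2], priv[0])
def rsa_verify(n, e, digest, sig):
    k = (n.bit_length() + 7) // 8
    return 0 < sig < n and pow(sig, e, n).to_bytes(k, "big") == _emsa(digest, k)

def mpi(x):  # OpenPGP multiprecision integer: bit count, then big-endian magnitude
    return x.bit_length().to_bytes(2, "big") + x.to_bytes((x.bit_length() + 7) // 8, "big")
def read_mpi(b, i):  # -> (value, offset just past it)
    n = (int.from_bytes(b[i:i + 2], "big") + 7) // 8
    return int.from_bytes(b[i + 2:i + 2 + n], "big"), i + 2 + n
def packet(tag, body):  # old-format header with a two-octet length
    return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body
def key_id(body):  # low 64 bits of the v4 fingerprint
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()[-8:]

def parse_packets(data):  # keep every raw (tag, body) so later checks can look back at earlier ones
    out, i = [], 0
    while i < len(data):
        h, n = data[i], 1 << (data[i] & 3)
        if h & 0xC0 != 0x80 or n == 8:  # new-format and indeterminate-length headers not handled
            raise ValueError("unsupported packet header")
        length = int.from_bytes(data[i + 1:i + 1 + n], "big")
        body = data[i + 1 + n:i + 1 + n + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        out.append(((h >> 2) & 0x0F, body))
        i += 1 + n + length
    return out
def subpackets(area):  # yields (type, value); one-octet subpacket lengths only
    i = 0
    while i < len(area):
        yield area[i + 1] & 0x7F, area[i + 2:i + 1 + area[i]]
        i += 1 + area[i]

def binding_hash(primary, subkey, hashed):  # what a type-0x18 signature covers (RFC 4880 5.2.4)
    keys = b"".join(b"\x99" + len(b).to_bytes(2, "big") + b for b in (primary, subkey))
    return hashlib.sha256(keys + hashed + b"\x04\xff" + len(hashed).to_bytes(4, "big")).digest()
def binding_signature(primary, subkey, issuer_id, signer_priv):  # v4 signature packet body
    hsub = b"\x05\x02" + (1500000001).to_bytes(4, "big")  # signature creation time subpacket
    hashed = b"\x04\x18\x01\x08" + len(hsub).to_bytes(2, "big") + hsub  # v4, type 0x18, RSA, SHA-256
    usub = b"\x09\x10" + issuer_id  # issuer key ID subpacket
    digest = binding_hash(primary, subkey, hashed)
    return hashed + len(usub).to_bytes(2, "big") + usub + digest[:2] + mpi(rsa_sign(signer_priv, digest))

def validate_key(data):  # -> (accepted subkey key IDs, None) or (None, reason the key must be rejected)
    pkts = parse_packets(data)
    if not pkts or pkts[0][0] != 6:
        return None, "first packet is not a primary public key"
    primary, accepted = pkts[0][1], []
    n, i = read_mpi(primary, 6)  # skip the version, creation time and algorithm octets
    e, _ = read_mpi(primary, i)
    for idx, (tag, body) in enumerate(pkts):
        if tag != 14:
            continue
        if idx + 1 == len(pkts) or pkts[idx + 1][0] != 2:  # the binding must follow the subkey
            return None, "subkey without binding signature"
        sig = pkts[idx + 1][1]
        if sig[:4] != b"\x04\x18\x01\x08":
            return None, "not a v4 RSA/SHA-256 subkey binding signature"
        hashed = sig[:6 + int.from_bytes(sig[4:6], "big")]
        ulen = int.from_bytes(sig[len(hashed):len(hashed) + 2], "big")
        unhashed = sig[len(hashed) + 2:len(hashed) + 2 + ulen]
        if [v for t, v in [*subpackets(hashed[6:]), *subpackets(unhashed)] if t == 16] != [key_id(primary)]:
            return None, "binding signature not issued by the primary key"
        s, _ = read_mpi(sig, len(hashed) + 4 + ulen)  # past the unhashed area and the two left-hash octets
        if not rsa_verify(n, e, binding_hash(primary, body, hashed), s):
            return None, "binding signature does not verify under the primary key"
        accepted.append(key_id(body))
    return accepted, None

# Constructed sample keys mirroring the three cases named in rpm's new test data.
PRIMARY, SUBKEY, ATTACKER = rsa_keygen(), rsa_keygen(), rsa_keygen()
P_BODY, S_BODY = [b"\x04" + (1500000000).to_bytes(4, "big") + b"\x01" + mpi(k[0]) + mpi(k[1]) for k in (PRIMARY, SUBKEY)]
UID = packet(13, b"Example <test@example.invalid>")
GOOD_KEY = packet(6, P_BODY) + UID + packet(14, S_BODY) + packet(2, binding_signature(P_BODY, S_BODY, key_id(P_BODY), PRIMARY))
BADBIND_KEY = packet(6, P_BODY) + UID + packet(14, S_BODY) + packet(2, binding_signature(P_BODY, S_BODY, key_id(P_BODY), ATTACKER))
NOSUBSIG_KEY = packet(6, P_BODY) + packet(14, S_BODY) + UID       # subkey followed by something else
NOSUBSIG_LAST_KEY = packet(6, P_BODY) + UID + packet(14, S_BODY)  # subkey is the last packet
```

validate_key(GOOD_KEY) returns the accepted subkey's key ID; the other three samples are rejected with a reason. BADBIND_KEY is the interesting one: the subkey packet is followed by a well-formed binding signature whose issuer subpacket names the primary key, so an ordering-only or issuer-only check passes it, and only hashing primary and subkey together and verifying under the primary's public key catches that an attacker-controlled key produced it. Checking the issuer alone is therefore not enough; a parser that cannot verify the signature (unknown algorithm, unknown hash) should reject the key rather than accept the subkey on the strength of the packet sequence.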