diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 14:18:23 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 16:36:13 +0300 |
commit | f22499a05d0a01e35dd10d7644f8d74391ba4222 (patch) | |
tree | 7c420eee10360bdc65f5260dcd5173abbfa917e6 /rpmio/rpmpgp.c | |
parent | 66f40d2e347b7f2ff94413c4b4107e39dd91a9dc (diff) | |
download | rpm-f22499a05d0a01e35dd10d7644f8d74391ba4222.tar.gz |
Reject unimplemented critical PGP packets as per RFC-4880
Bit 7 of the subpacket type is the "critical" bit. If set, it
denotes that the subpacket is one that is critical for the evaluator
of the signature to recognize. If a subpacket is encountered that is
marked critical but is unknown to the evaluating software, the
evaluator SHOULD consider the signature to be in error.
We only implement creation time and issuer keyid, everything else is
unimplemented and should be flagged as an error if critical as per above.
Initial patch by Demi Marie Obenour.
Diffstat (limited to 'rpmio/rpmpgp.c')
-rw-r--r-- | rpmio/rpmpgp.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index e0a8a1054..f1a99e716 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -407,6 +407,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype, int rc = 0; while (hlen > 0 && rc == 0) { + int impl = 0; i = pgpLen(p, hlen, &plen); if (i == 0 || plen < 1 || i + plen > hlen) break; @@ -436,6 +437,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype, pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]); break; case PGPSUBTYPE_SIG_CREATE_TIME: + impl = *p; if (!(_digp->saved & PGPDIG_SAVED_TIME) && (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE)) { @@ -450,6 +452,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype, break; case PGPSUBTYPE_ISSUER_KEYID: /* issuer key ID */ + impl = *p; if (!(_digp->saved & PGPDIG_SAVED_ID) && (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE)) { @@ -489,6 +492,10 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype, break; } pgpPrtNL(); + + if (!impl && (p[0] & PGPSUBTYPE_CRITICAL)) + rc = 1; + p += plen; hlen -= plen; } |