g10: Disallow compressed signatures and certificates
AbandonedPublic
Actions

Authored by DemiMarie on Jun 10 2022, 9:01 PM.

Details

Reviewers: None
Maniphest Tasks: T5993: gpg should reject compressed packets outside of messages

Summary

Compressed packets have significant attack surface, and are forbidden
in certificates, keys, and detached signatures. When parsing detached
signatures, forbid any packet that is not a signature or marker packet.
When parsing certificates, return an error when encountering a
compressed packet, instead of decompressing the packet.

Furthermore, certificates, keys, and signatures are not allowed to
contain partial-length or indeterminate-length packets. Reject those in
parse_packet, rather than activating the partial-length filter code.

Test Plan

This will be covered by the OpenPGP conformance tests.

Diff Detail

Repository

rG GnuPG

Lint

Lint Skipped

Unit

Unit Tests Skipped

Event Timeline

DemiMarie requested review of this revision.Jun 10 2022, 9:01 PM

DemiMarie created this revision.

Added missing context lines and replaced some tabs with spaces

DemiMarie added a reviewer: • werner.Jun 10 2022, 9:44 PM

DemiMarie set the repository for this revision to rG GnuPG.

DemiMarie added a project: gnupg.

DemiMarie retitled this revision from Disallow compressed signatures and certificates to g10: Disallow compressed signatures and certificates.Jun 16 2022, 6:52 PM

DemiMarie edited projects, added g10; removed gnupg.

DemiMarie added a task: T5993: gpg should reject compressed packets outside of messages.

DemiMarie edited projects, added gnupg; removed g10.

DemiMarie added a subscriber: DemiMarie.

Sorry, there is no padding packet in OpenPGP. Please do no try to push ideas from that crypto-refresh-06 thing into GnuPG. We continue to follow the last draft with consesus, which is rfc4880bis-10.

This revision now requires changes to proceed.Jun 16 2022, 6:56 PM

• werner resigned from this revision.Jun 16 2022, 6:58 PM

This revision now requires review to proceed.Jun 16 2022, 6:58 PM

DemiMarie updated this revision to Diff 1522.Jun 17 2022, 8:21 PM

DemiMarie edited the summary of this revision. (Show Details)

In D555#5569, @werner wrote:

Sorry, there is no padding packet in OpenPGP. Please do no try to push ideas from that crypto-refresh-06 thing into GnuPG. We continue to follow the last draft with consesus, which is rfc4880bis-10.

That’s fine. I ripped out the padding packet.

Compressed packets in detached signatures and/or certificates have never been permitted by any version of the standard.

DemiMarie edited the summary of this revision. (Show Details)Jun 17 2022, 8:37 PM

DemiMarie removed a reviewer: • werner.Jun 18 2022, 1:34 AM

DemiMarie added reviewers: sergei, gp_ast.

DemiMarie edited reviewers, added: • gniibe; removed: sergei, gp_ast.Jun 18 2022, 1:37 AM

• werner removed a reviewer: • gniibe.Jun 20 2022, 8:05 AM

• werner removed a subscriber: • werner.

Closing in favor of D556.

• canti59 added a commit: rG8046fcac63db: po: Update Czech translation..Oct 14 2022, 2:11 AM

• gniibe removed a commit: rG8046fcac63db: po: Update Czech translation..Oct 14 2022, 2:50 AM