Home GnuPG
Diffusion GnuPG d74dd36c11f1

gpg: Protect against rogue keyservers sending secret keys.
d74dd36c11f1Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg: Protect against rogue keyservers sending secret keys.

* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id. The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

(cherry picked from commit e7abed3448c1c1a4e756c12f95b665b517d22ebe)

Resolved conflicts:
g10/options.h

  • Suggested-by: Stefan Tomanek
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on Oct 4 2013, 1:44 PM
Parents
rGfe0fb5e6b0bb: gpg: Allow setting of all zero key flags
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rGd74dd36c11f1: gpg: Protect against rogue keyservers sending secret keys. (authored by Werner Koch <wk@gnupg.org>).Oct 4 2013, 8:58 PM

Changes (3)

PathSize
g10/

rGd74dd36c11f1

View Options

g10/import.c

Loading...
View Options

g10/keyserver.c

Loading...
View Options

g10/options.h

Loading...