[pkg-gnupg-maint] Bug#828109: Bug#828109: gnupg2: does not react well to bad ECDSA subkey packet
NIIBE Yutaka
gniibe at fsij.org
Mon Jun 27 06:25:33 UTC 2016
Sorry for the trouble because of my subkey.
In my file, the subkey packet in question is like following:
---------------------------
# ctb=b8 tag=14 hlen=2 plen=79
:public sub key packet:
version 4, algo 19, created 1389837376, expires 0
pkey[0]: [48 bits] secp256k1 (1.3.132.0.10)
pkey[1]: [515 bits]
keyid: 824E72CE975B9053
Header:
b8 4f
version:
04
timestamp:
52 d7 3c 40
algo:
13
OID of the curve:
05 2b 81 04 00 0a
MPI of public key in 0x04 || x || y format:
02 03
04
12 dc 57 0b 7a 65 b2 f0 7c 71 c6 1d a2 d1 19 e2
e0 1f 7d cd fb 31 a7 b3 35 c6 dd f0 73 46 53 f1
51 90 d5 f8 a5 39 4e b3 3e 05 e1 c7 db f0 58 0b
a4 c9 85 d8 06 ee 90 d3 32 c0 31 c2 4a 5c 03 ac
---------------------------
In the file of debian-keyring.gpp of haskell-hopenpgp,
it's (at offset 0x000b84be):
---------------------------
header:
ce 57
version:
04
timestamp:
52 d7 3c 40
algo:
13
malformed:
00 00 00 00 00 00 00 <--- 0-byte
49 <------ something like a length field
05 2b 81 04 00 0a 02 03 04 12 dc 57 0b 7a 65 b2 <-- OID + MPI
f0 7c 71 c6 1d a2 d1 19 e2 e0 1f 7d cd fb 31 a7
b3 35 c6 dd f0 73 46 53 f1 51 90 d5 f8 a5 39 4e
b3 3e 05 e1 c7 db f0 58 0b a4 c9 85 d8 06 ee 90
d3 32 c0 31 c2 4a 5c 03 ac
---------------------------
And I found a bug for --list-packet option. It's long standing,
it's there in 1.0.
diff --git a/g10/mainproc.c b/g10/mainproc.c
index bd738ab..c191fe0 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1328,7 +1328,7 @@ do_proc_packets (ctrl_t ctrl, CTX c, iobuf_t a)
/* Stop processing when an invalid packet has been encountered
* but don't do so when we are doing a --list-packets. */
if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
- && opt.list_packets != 2 )
+ && opt.list_packets == 0)
break;
continue;
}
--
More information about the pkg-gnupg-maint
mailing list