author | Justus Winter <justus@sequoia-pgp.org> | 2019-07-05 15:09:55 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-07-05 15:21:45 +0200 |
commit | 25582119bb2b241c3010df0308ef828cb7f1d6aa (patch) | |
tree | ab71259b67c86d390b951d07cb3a05f485f2e837 | |
parent | 61f8c5b8460e9d6121c4e2705faa500991d50b5a (diff) |
openpgp: Ignore unhashed subpackets when comparing signatures.
- Ignore the unhashed subpacket area when comparing signatures.
This prevents a malicious party from taking valid signatures and
adding subpackets to the unhashed area, which would yield valid but
distinct signatures.
- The problem we are trying to avoid here is signature spamming.
Ignoring the unhashed subpackets means that we can deduplicate
signatures based on PartialEq.
- Fixes #322.
-rw-r--r-- | openpgp/src/packet/signature/mod.rs | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs
index 27607125..347b8d38 100644
--- a/openpgp/src/packet/signature/mod.rs
+++ b/openpgp/src/packet/signature/mod.rs
@@ -337,13 +337,23 @@ impl fmt::Debug for Signature4 {
 }
 
 impl PartialEq for Signature4 {
+ /// This method tests for self and other values to be equal, and
+ /// is used by ==.
+ ///
+ /// Note: We ignore the unhashed subpacket area when comparing
+ /// signatures. This prevents a malicious party to take valid
+ /// signatures, add subpackets to the unhashed area, yielding
+ /// valid but distinct signatures.
+ ///
+ /// The problem we are trying to avoid here is signature spamming.
+ /// Ignoring the unhashed subpackets means that we can deduplicate
+ /// signatures using this predicate.
 fn eq(&self, other: &Signature4) -> bool {
 self.fields.version == other.fields.version
 && self.fields.sigtype == other.fields.sigtype
 && self.fields.pk_algo == other.fields.pk_algo
 && self.fields.hash_algo == other.fields.hash_algo
 && self.fields.hashed_area == other.fields.hashed_area
- && self.fields.unhashed_area == other.fields.unhashed_area
 && self.mpis == other.mpis
 }
 }
|
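Review bot: The new `eq` makes two signatures that differ only in `unhashed_area` compare equal, but nothing in this hunk keeps the other traits in step with it; if `Signature4` implements or derives `Hash` (not visible here), equal values can now hash differently and hash-based containers will not deduplicate them. The doc comment should also say what happens to the data that is ignored: the unhashed area is not covered by the signature, so a caller that keeps whichever copy it saw first may retain an unhashed area supplied by a third party and drop the original one. I would add a line such as `/// Callers that deduplicate with this predicate must choose which unhashed area to keep; its contents are unauthenticated.` and confirm that any `Hash` impl skips `unhashed_area` too. The `impl PartialEq` block is complete within the hunk, but the struct definition and its derives lie outside it.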