summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJustus Winter <justus@sequoia-pgp.org>2022-02-15 13:47:28 +0100
committerJustus Winter <justus@sequoia-pgp.org>2022-02-16 15:02:34 +0100
commit442f766d6f294399b8986656e942fa1740e22438 (patch)
tree7c8b446568aad2d2267e185f00e5ab8282d9d917
parent5132ca404c4cf2b0e972cbbb95912cedb85224f1 (diff)
openpgp: Explicit SEIP packet version in the message parser.
- In order to deal with version 2 SEIP packets, we first need to be explicit about the packet version in the message parser. - Rename the token and grammar rules, pass in a version to MessageParser::push.
Diffstat
-rw-r--r--openpgp/src/message/grammar.lalrpop10
-rw-r--r--openpgp/src/message/lexer.rs4
-rw-r--r--openpgp/src/message/mod.rs105
-rw-r--r--openpgp/src/parse.rs8
-rw-r--r--openpgp/src/parse/packet_parser_builder.rs3
-rw-r--r--openpgp/src/parse/stream.rs5
6 files changed, 81 insertions, 54 deletions
diff --git a/openpgp/src/message/grammar.lalrpop b/openpgp/src/message/grammar.lalrpop
index ede7049b..f98b3786 100644
--- a/openpgp/src/message/grammar.lalrpop
+++ b/openpgp/src/message/grammar.lalrpop
@@ -16,9 +16,9 @@ CompressedData: () = {
COMPRESSED_DATA Message POP
};
-SeipPart: () = {
- SEIP Message MDC POP,
- SEIP OPAQUE_CONTENT POP,
+Seipv1Part: () = {
+ SEIPv1 Message MDC POP,
+ SEIPv1 OPAQUE_CONTENT POP,
}
AedPart: () = {
@@ -32,7 +32,7 @@ EncryptedPart: () = {
};
EncryptionContainer: () = {
- SeipPart,
+ Seipv1Part,
AedPart,
};
@@ -68,7 +68,7 @@ extern {
COMPRESSED_DATA => lexer::Token::CompressedData,
SKESK => lexer::Token::SKESK,
PKESK => lexer::Token::PKESK,
- SEIP => lexer::Token::SEIP,
+ SEIPv1 => lexer::Token::SEIPv1,
MDC => lexer::Token::MDC,
AED => lexer::Token::AED,
OPS => lexer::Token::OPS,
diff --git a/openpgp/src/message/lexer.rs b/openpgp/src/message/lexer.rs
index 8e6f8910..35133306 100644
--- a/openpgp/src/message/lexer.rs
+++ b/openpgp/src/message/lexer.rs
@@ -24,7 +24,11 @@ pub enum Token {
/// An PK-ESK packet.
PKESK,
/// A SEIP packet.
+ #[deprecated(since = "1.8.0",
+ note = "The explicitly versioned SEIPv1 is used instead.")]
SEIP,
+ /// A version 1 SEIP packet.
+ SEIPv1,
/// An MDC packet.
MDC,
/// An AED packet.
diff --git a/openpgp/src/message/mod.rs b/openpgp/src/message/mod.rs
index 0967607e..7a423406 100644
--- a/openpgp/src/message/mod.rs
+++ b/openpgp/src/message/mod.rs
@@ -191,7 +191,7 @@ impl MessageValidator {
/// Unlike `push_token`, this function does not automatically
/// account for changes in the depth. If you use this function
/// directly, you must push any required `Token::Pop` tokens.
- pub fn push(&mut self, tag: Tag, path: &[usize]) {
+ pub fn push(&mut self, tag: Tag, version: Option<u8>, path: &[usize]) {
if self.error.is_some() {
return;
}
@@ -201,7 +201,7 @@ impl MessageValidator {
Tag::CompressedData => Token::CompressedData,
Tag::SKESK => Token::SKESK,
Tag::PKESK => Token::PKESK,
- Tag::SEIP => Token::SEIP,
+ Tag::SEIP if version == Some(1) => Token::SEIPv1,
Tag::MDC => Token::MDC,
Tag::AED => Token::AED,
Tag::OnePassSig => Token::OPS,
@@ -444,7 +444,7 @@ impl TryFrom<PacketPile> for Message {
{:?} packet (at {:?}) not expected: {}",
u.tag(), path, u.error())))
.into()),
- _ => v.push(packet.tag(), &path),
+ _ => v.push(packet.tag(), packet.version(), &path),
}
match packet {
@@ -541,32 +541,32 @@ mod tests {
result: true,
},
TestVector {
- s: &[SEIP, Literal, MDC, Pop],
+ s: &[SEIPv1, Literal, MDC, Pop],
result: true,
},
TestVector {
- s: &[CompressedData, SEIP, Literal, MDC, Pop, Pop],
+ s: &[CompressedData, SEIPv1, Literal, MDC, Pop, Pop],
result: true,
},
TestVector {
- s: &[CompressedData, SEIP, CompressedData, Literal,
+ s: &[CompressedData, SEIPv1, CompressedData, Literal,
Pop, MDC, Pop, Pop],
result: true,
},
TestVector {
- s: &[SEIP, MDC, Pop],
+ s: &[SEIPv1, MDC, Pop],
result: false,
},
TestVector {
- s: &[SKESK, SEIP, Literal, MDC, Pop],
+ s: &[SKESK, SEIPv1, Literal, MDC, Pop],
result: true,
},
TestVector {
- s: &[PKESK, SEIP, Literal, MDC, Pop],
+ s: &[PKESK, SEIPv1, Literal, MDC, Pop],
result: true,
},
TestVector {
- s: &[SKESK, SKESK, SEIP, Literal, MDC, Pop],
+ s: &[SKESK, SKESK, SEIPv1, Literal, MDC, Pop],
result: true,
},
@@ -613,7 +613,7 @@ mod tests {
result: false,
},
TestVector {
- s: &[OPS, OPS, SEIP, OPS, SEIP, Literal, MDC, Pop,
+ s: &[OPS, OPS, SEIPv1, OPS, SEIPv1, Literal, MDC, Pop,
SIG, MDC, Pop, SIG, SIG],
result: true,
},
@@ -631,11 +631,11 @@ mod tests {
result: true,
},
TestVector {
- s: &[SEIP, CompressedData, OpaqueContent, Pop, MDC, Pop],
+ s: &[SEIPv1, CompressedData, OpaqueContent, Pop, MDC, Pop],
result: true,
},
TestVector {
- s: &[SEIP, OpaqueContent, Pop],
+ s: &[SEIPv1, OpaqueContent, Pop],
result: true,
},
];
@@ -664,86 +664,101 @@ mod tests {
use crate::packet::Tag::*;
struct TestVector<'a> {
- s: &'a [(Tag, isize)],
+ s: &'a [(Tag, Option<u8>, isize)],
result: bool,
}
let test_vectors = [
TestVector {
- s: &[(Literal, 0)][..],
+ s: &[(Literal, None, 0)][..],
result: true,
},
TestVector {
- s: &[(CompressedData, 0), (Literal, 1)],
+ s: &[(CompressedData, None, 0), (Literal, None, 1)],
result: true,
},
TestVector {
- s: &[(CompressedData, 0), (CompressedData, 1), (Literal, 2)],
+ s: &[(CompressedData, None, 0), (CompressedData, None, 1),
+ (Literal, None, 2)],
result: true,
},
TestVector {
- s: &[(SEIP, 0), (Literal, 1), (MDC, 1)],
+ s: &[(SEIP, Some(1), 0), (Literal, None, 1), (MDC, None, 1)],
result: true,
},
TestVector {
- s: &[(CompressedData, 0), (SEIP, 1), (Literal, 2), (MDC, 2)],
+ s: &[(CompressedData, None, 0), (SEIP, Some(1), 1),
+ (Literal, None, 2), (MDC, None, 2)],
result: true,
},
TestVector {
- s: &[(CompressedData, 0), (SEIP, 1),
- (CompressedData, 2), (Literal, 3), (MDC, 2)],
+ s: &[(CompressedData, None, 0), (SEIP, Some(1), 1),
+ (CompressedData, None, 2), (Literal, None, 3),
+ (MDC, None, 2)],
result: true,
},
TestVector {
- s: &[(CompressedData, 0), (SEIP, 1),
- (CompressedData, 2), (Literal, 3), (MDC, 3)],
+ s: &[(CompressedData, None, 0), (SEIP, Some(1), 1),
+ (CompressedData, None, 2), (Literal, None, 3),
+ (MDC, None, 3)],
result: false,
},
TestVector {
- s: &[(SEIP, 0), (MDC, 0)],
+ s: &[(SEIP, Some(1), 0), (MDC, None, 0)],
result: false,
},
TestVector {
- s: &[(SKESK, 0), (SEIP, 0), (Literal, 1), (MDC, 1)],
+ s: &[(SKESK, None, 0), (SEIP, Some(1), 0), (Literal, None, 1),
+ (MDC, None, 1)],
result: true,
},
TestVector {
- s: &[(PKESK, 0), (SEIP, 0), (Literal, 1), (MDC, 1)],
+ s: &[(PKESK, None, 0), (SEIP, Some(1), 0), (Literal, None, 1),
+ (MDC, None, 1)],
result: true,
},
TestVector {
- s: &[(PKESK, 0), (SEIP, 0), (CompressedData, 1), (Literal, 2),
- (MDC, 1)],
+ s: &[(PKESK, None, 0), (SEIP, Some(1), 0),
+ (CompressedData, None, 1), (Literal, None, 2),
+ (MDC, None, 1)],
result: true,
},
TestVector {
- s: &[(SKESK, 0), (SKESK, 0), (SEIP, 0), (Literal, 1), (MDC, 1)],
+ s: &[(SKESK, None, 0), (SKESK, None, 0), (SEIP, Some(1), 0),
+ (Literal, None, 1), (MDC, None, 1)],
result: true,
},
TestVector {
- s: &[(OnePassSig, 0), (Literal, 0), (Signature, 0)],
+ s: &[(OnePassSig, None, 0), (Literal, None, 0),
+ (Signature, None, 0)],
result: true,
},
TestVector {
- s: &[(OnePassSig, 0), (CompressedData, 0), (Literal, 1),
- (Signature, 0)],
+ s: &[(OnePassSig, None, 0), (CompressedData, None, 0),
+ (Literal, None, 1),
+ (Signature, None, 0)],
result: true,
},
TestVector {
- s: &[(OnePassSig, 0), (OnePassSig, 0), (Literal, 0),
- (Signature, 0), (Signature, 0)],
+ s: &[(OnePassSig, None, 0), (OnePassSig, None, 0),
+ (Literal, None, 0),
+ (Signature, None, 0), (Signature, None, 0)],
result: true,
},
TestVector {
- s: &[(OnePassSig, 0), (OnePassSig, 0), (Literal, 0),
- (Signature, 0)],
+ s: &[(OnePassSig, None, 0), (OnePassSig, None, 0),
+ (Literal, None, 0),
+ (Signature, None, 0)],
result: false,
},
TestVector {
- s: &[(OnePassSig, 0), (OnePassSig, 0), (SEIP, 0),
- (OnePassSig, 1), (SEIP, 1), (Literal, 2), (MDC, 2),
- (Signature, 1), (MDC, 1), (Signature, 0), (Signature, 0)],
+ s: &[(OnePassSig, None, 0), (OnePassSig, None, 0),
+ (SEIP, Some(1), 0),
+ (OnePassSig, None, 1), (SEIP, Some(1), 1),
+ (Literal, None, 2), (MDC, None, 2),
+ (Signature, None, 1), (MDC, None, 1), (Signature, None, 0),
+ (Signature, None, 0)],
result: true,
},
@@ -753,16 +768,18 @@ mod tests {
// that version to report that newer software is necessary
// to process the message.", section 5.8 of RFC4880.
TestVector {
- s: &[(Marker, 0),
- (OnePassSig, 0), (Literal, 0), (Signature, 0)],
+ s: &[(Marker, None, 0),
+ (OnePassSig, None, 0), (Literal, None, 0),
+ (Signature, None, 0)],
result: true,
},
];
for v in &test_vectors {
let mut l = MessageValidator::new();
- for (token, depth) in v.s.iter() {
+ for (token, version, depth) in v.s.iter() {
l.push(*token,
+ *version,
&(0..1 + *depth)
.map(|x| x as usize)
.collect::<Vec<_>>()[..]);
@@ -1205,7 +1222,7 @@ mod tests {
use crate::packet::Tag;
let mut l = MessageValidator::new();
- l.push(Tag::Literal, &[0]);
+ l.push(Tag::Literal, None, &[0]);
l.finish();
assert!(matches!(l.check(), MessageValidity::Message));
@@ -1235,7 +1252,7 @@ mod tests {
// Simple one-literal message.
let mut l = MessageValidator::new();
- l.push(Tag::Literal, &[0]);
+ l.push(Tag::Literal, None, &[0]);
assert!(matches!(l.check(), MessageValidity::MessagePrefix));
l.finish();
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs
index eaa10d29..de76328c 100644
--- a/openpgp/src/parse.rs
+++ b/openpgp/src/parse.rs
@@ -4532,7 +4532,9 @@ impl <'a> PacketParser<'a> {
},
ParserResult::Success(mut pp) => {
let path = pp.path().to_vec();
- pp.state.message_validator.push(pp.packet.tag(), &path);
+ pp.state.message_validator.push(
+ pp.packet.tag(), pp.packet.version(),
+ &path);
pp.state.keyring_validator.push(pp.packet.tag());
pp.state.cert_validator.push(pp.packet.tag());
@@ -4620,7 +4622,9 @@ impl <'a> PacketParser<'a> {
self.packet.tag(), pp.packet.tag());
pp.state.message_validator.push(
- pp.packet.tag(), &path);
+ pp.packet.tag(),
+ pp.packet.version(),
+ &path);
pp.state.keyring_validator.push(pp.packet.tag());
pp.state.cert_validator.push(pp.packet.tag());
diff --git a/openpgp/src/parse/packet_parser_builder.rs b/openpgp/src/parse/packet_parser_builder.rs
index 24b9a13b..e23767a0 100644
--- a/openpgp/src/parse/packet_parser_builder.rs
+++ b/openpgp/src/parse/packet_parser_builder.rs
@@ -444,7 +444,8 @@ impl<'a> PacketParserBuilder<'a> {
match PacketParser::parse(Box::new(self.bio), state, vec![ 0 ])? {
ParserResult::Success(mut pp) => {
// We successfully parsed the first packet's header.
- pp.state.message_validator.push(pp.packet.tag(), &[0]);
+ pp.state.message_validator.push(
+ pp.packet.tag(), pp.packet.version(), &[0]);
pp.state.keyring_validator.push(pp.packet.tag());
pp.state.cert_validator.push(pp.packet.tag());
Ok(PacketParserResult::Some(pp))
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs
index 992b6f3c..4d2694ae 100644
--- a/openpgp/src/parse/stream.rs
+++ b/openpgp/src/parse/stream.rs
@@ -709,7 +709,7 @@ enum IMessageLayer {
depth: isize,
/// Do we expect an MDC packet?
///
- /// I.e. is this a SEIP container?
+ /// I.e. is this a SEIPv1 container?
expect_mdc: bool,
sym_algo: SymmetricAlgorithm,
aead_algo: Option<AEADAlgorithm>,
@@ -2414,7 +2414,8 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
v.structure.new_encryption_layer(
pp.recursion_depth(),
- pp.packet.tag() == packet::Tag::SEIP,
+ pp.packet.tag() == packet::Tag::SEIP
+ && pp.packet.version() == Some(1),
sym_algo,
if let Packet::AED(ref p) = pp.packet {
Some(p.aead())
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 10:14:32 +0000