authorNeal H. Walfield <neal@pep.foundation>2024-01-12 17:20:26 +0100
committerNeal H. Walfield <neal@sequoia-pgp.org>2024-01-25 09:28:28 +0100
commit049b0590040ebf08338b05f9483663dd280c1ca5 (patch)
tree033eddfcf3e3d98c3ad1999cbe3eaa03252d7771
parenta55cd9025faf9fea54b63d168a5bec555c95ba7f (diff)
openpgp: Reject short key IDs.
- When parsing a key ID string, reject short key IDs. - Note: we can't reject short key IDs in `KeyID::from_bytes`, because that function is infallible. But, that function does return `KeyID::Invalid` when presented with a short key ID. - Fixes #388.
-rw-r--r--openpgp/NEWS1
-rw-r--r--openpgp/src/keyid.rs17
-rw-r--r--openpgp/src/lib.rs4
3 files changed, 20 insertions, 2 deletions
diff --git a/openpgp/NEWS b/openpgp/NEWS
index d5b7debf..c68fd0d8 100644
--- a/openpgp/NEWS
+++ b/openpgp/NEWS
@@ -17,6 +17,7 @@
- Cert::exportable
- CertBuilder::set_exportable
- UserID::from_static_bytes
+ - Error::ShortKeyID
* Changes in 1.17.0
** Notable fixes
- Sequoia now ignores some formatting errors when reading secret
diff --git a/openpgp/src/keyid.rs b/openpgp/src/keyid.rs
index 2d880706..1dc08fe8 100644
--- a/openpgp/src/keyid.rs
+++ b/openpgp/src/keyid.rs
@@ -107,6 +107,8 @@ impl std::str::FromStr for KeyID {
// A KeyID is exactly 8 bytes long.
if bytes.len() == 8 {
Ok(KeyID::from_bytes(&bytes[..]))
+ } else if bytes.len() == 4 {
+ Err(Error::ShortKeyID(s.to_string()).into())
} else {
// Maybe a fingerprint was given. Try to parse it and
// convert it to a KeyID.
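Review bot: The new `bytes.len() == 4` branch has no comment, although the branches on either side of it do. I would add `// Four bytes is a short key ID: 32 bits are trivial to collide, so refuse it instead of returning KeyID::Invalid.` above the `Err(...)` line. The removed test assertions show that these strings used to parse to `Ok(KeyID::Invalid(_))`, so this is a visible behaviour change for callers of `parse::<KeyID>()`. The doc comment on the `FromStr` impl should say that a short key ID now yields `Error::ShortKeyID`. The function body starts and ends outside this hunk, so how the fallback branch treats other lengths cannot be checked from here.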
@@ -456,8 +458,19 @@ mod test {
"GB3751F1587DAEF1".parse::<KeyID>().unwrap_err();
"EFB3751F1587DAEF1".parse::<KeyID>().unwrap_err();
"%FB3751F1587DAEF1".parse::<KeyID>().unwrap_err();
- assert_match!(KeyID::Invalid(_) = "587DAEF1".parse().unwrap());
- assert_match!(KeyID::Invalid(_) = "0x587DAEF1".parse().unwrap());
+ }
+
+ #[test]
+ fn from_hex_short_keyid() {
+ for s in &[ "FB3751F1", "0xFB3751F1", "fb3751f1", "0xfb3751f1" ] {
+ match s.parse::<KeyID>() {
+ Ok(_) => panic!("Failed to reject short Key ID."),
+ Err(err) => {
+ let err = err.downcast_ref::<Error>().unwrap();
+ assert!(matches!(err, Error::ShortKeyID(_)));
+ }
+ }
+ }
}
#[test]
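Review bot: `from_hex_short_keyid` pins the new parse error, but nothing in this hunk pins the behaviour the commit message says is kept, that `KeyID::from_bytes` returns `KeyID::Invalid` for a short key ID. Unless another test in the file already covers it, I would add `assert_match!(KeyID::Invalid(_) = KeyID::from_bytes(&[0xFB, 0x37, 0x51, 0xF1]));` so the two entry points cannot drift apart silently. A smaller point: `err.downcast_ref::<Error>().unwrap()` fails with a bare unwrap panic if a different error type comes back, and `.expect("expected an openpgp::Error")` would make that failure readable. The test that precedes the new one starts outside this hunk.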
diff --git a/openpgp/src/lib.rs b/openpgp/src/lib.rs
index 6f792c88..09e1bfca 100644
--- a/openpgp/src/lib.rs
+++ b/openpgp/src/lib.rs
@@ -345,6 +345,10 @@ pub enum Error {
})
.unwrap_or_else(|| "".into()))]
PolicyViolation(String, Option<std::time::SystemTime>),
+
+ /// Short key IDs are insecure, and not supported.
+ #[error("Short key IDs are insecure, and not supported: {0}")]
+ ShortKeyID(String),
}
assert_send_and_sync!(Error);
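Review bot: The doc comment on `ShortKeyID` says short key IDs are insecure but not why, or what to pass instead. Something like `/// Short (32-bit) key IDs are trivial to collide and are rejected; use a 64-bit key ID or a fingerprint.` would give the caller a way forward. The enum's attributes are outside this hunk. If `Error` is not marked `#[non_exhaustive]`, adding a variant breaks downstream exhaustive matches and would need a note in NEWS.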