From 40aaa2dd2f7e825efb18b6869c5a7a1724ab60fb Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Fri, 18 Nov 2022 11:09:14 +0100 Subject: openpgp: Ignore marker packets when validating cert streams. - While we correctly ignored marker packets in the CertParser, we did not ignore them in the CertValidator. This made sq inspect complain about marker packets in certrings. --- openpgp/src/cert/parser/mod.rs | 6 ++++++ openpgp/src/parse.rs | 38 +++++++++++++++++++++++++++++++++----- 2 files changed, 39 insertions(+), 5 deletions(-) diff --git a/openpgp/src/cert/parser/mod.rs b/openpgp/src/cert/parser/mod.rs index f7b3289a..32270b48 100644 --- a/openpgp/src/cert/parser/mod.rs +++ b/openpgp/src/cert/parser/mod.rs @@ -157,6 +157,12 @@ impl KeyringValidator { Tag::UserAttribute => Token::UserAttribute(None), Tag::Signature => Token::Signature(None), Tag::Trust => Token::Trust(None), + Tag::Marker => { + // Ignore Marker Packet. RFC4880, section 5.8: + // + // Such a packet MUST be ignored when received. + return; + }, _ => { // Unknown token. self.error = Some(CertParserError::OpenPGP( diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index fe421c71..c7912584 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -5474,6 +5474,7 @@ impl<'a> PacketParser<'a> { #[cfg(test)] mod test { use super::*; + use crate::serialize::Serialize; enum Data<'a> { File(&'a str), @@ -5803,15 +5804,27 @@ mod test { #[test] fn keyring_validator() { - use std::io::Cursor; + for marker in 0..4 { + let marker_before = marker & 1 > 0; + let marker_after = marker & 2 > 0; + for test in &["testy.pgp", "lutz.gpg", "testy-new.pgp", "neal.pgp"] { - let mut ppr = PacketParserBuilder::from_reader( - Cursor::new(crate::tests::key("testy.pgp")).chain( - Cursor::new(crate::tests::key(test)))).unwrap() + let mut buf = Vec::new(); + if marker_before { + Packet::Marker(Default::default()).serialize(&mut buf).unwrap(); + } + buf.extend_from_slice(crate::tests::key("testy.pgp")); + buf.extend_from_slice(crate::tests::key(test)); + if marker_after { + Packet::Marker(Default::default()).serialize(&mut buf).unwrap(); + } + + let mut ppr = PacketParserBuilder::from_bytes(&buf) + .unwrap() .build() .expect(&format!("Error reading {:?}", test)); @@ -5826,16 +5839,30 @@ mod test { unreachable!(); } } + } } #[test] fn cert_validator() { + for marker in 0..4 { + let marker_before = marker & 1 > 0; + let marker_after = marker & 2 > 0; + for test in &["testy.pgp", "lutz.gpg", "testy-new.pgp", "neal.pgp"] { - let mut ppr = PacketParserBuilder::from_bytes(crate::tests::key(test)) + let mut buf = Vec::new(); + if marker_before { + Packet::Marker(Default::default()).serialize(&mut buf).unwrap(); + } + buf.extend_from_slice(crate::tests::key(test)); + if marker_after { + Packet::Marker(Default::default()).serialize(&mut buf).unwrap(); + } + + let mut ppr = PacketParserBuilder::from_bytes(&buf) .unwrap() .build() .expect(&format!("Error reading {:?}", test)); @@ -5852,6 +5879,7 @@ mod test { unreachable!(); } } + } } // If we don't decrypt the SEIP packet, it shows up as opaque -- cgit v1.2.3