packages/gnupg2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
gnupg2/fix-CVE-2019-14855-0-Ignore-all-SHA-1-3rd-party-key-sig.patch
Anakin Zhang 9d7154fdc4 fix CVE-2019-14855
2020-04-22 19:44:10 +08:00

100 lines
3.1 KiB
Diff
Raw Blame History

From 7d9aad63c4f1aefe97da61baf5acd96c12c0278e Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 3 Oct 2019 18:20:59 +0200
Subject: [PATCH] gpg: Ignore all SHA-1 signatures in 3rd party key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): No cut-off date
and remove debug output.
--
With 2.2 we do not not support SHA-1 key signatures anymore even if
that means that the WoT shrinks.
Signed-off-by: Werner Koch <wk@gnupg.org>
---
g10/sig-check.c | 40 +++++++++++++++++++++++++---------------
1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a93b496..c1498ef 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -824,6 +824,10 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
PKT_public_key *pripk = kb->pkt->pkt.public_key;
gcry_md_hd_t md;
int signer_alloced = 0;
+ int stub_is_selfsig;
+
+ if (!is_selfsig)
+ is_selfsig = &stub_is_selfsig;
rc = openpgp_pk_test_algo (sig->pubkey_algo);
if (rc)
@@ -857,14 +861,11 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
if (signer)
{
- if (is_selfsig)
- {
- if (signer->keyid[0] == pripk->keyid[0]
- && signer->keyid[1] == pripk->keyid[1])
- *is_selfsig = 1;
- else
- *is_selfsig = 0;
- }
+ if (signer->keyid[0] == pripk->keyid[0]
+ && signer->keyid[1] == pripk->keyid[1])
+ *is_selfsig = 1;
+ else
+ *is_selfsig = 0;
}
else
{
@@ -874,8 +875,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
{
/* Issued by the primary key. */
signer = pripk;
- if (is_selfsig)
- *is_selfsig = 1;
+ *is_selfsig = 1;
}
else
{
@@ -904,8 +904,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
if (! signer)
{
/* Signer by some other key. */
- if (is_selfsig)
- *is_selfsig = 0;
+ *is_selfsig = 0;
if (ret_pk)
{
signer = ret_pk;
@@ -966,9 +965,20 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
log_assert (packet->pkttype == PKT_USER_ID);
- hash_public_key (md, pripk);
- hash_uid_packet (packet->pkt.user_id, md, sig);
- rc = check_signature_end_simple (signer, sig, md);
+ if (sig->digest_algo == DIGEST_ALGO_SHA1 && !*is_selfsig)
+ {
+ /* If the signature was created using SHA-1 we consider this
+ * signature invalid because it makes it possible to mount a
+ * chosen-prefix collision. We don't do this for
+ * self-signatures, though. */
+ rc = gpg_error (GPG_ERR_DIGEST_ALGO);
+ }
+ else
+ {
+ hash_public_key (md, pripk);
+ hash_uid_packet (packet->pkt.user_id, md, sig);
+ rc = check_signature_end_simple (signer, sig, md);
+ }
}
else
{
--
2.19.1
Reference in New Issue View Git Blame Copy Permalink