[Rpm-maint] [rpm-software-management/rpm] Reject bogus unhashed subpackets (#1741)
Demi Marie Obenour
notifications at github.com
Thu Jul 1 10:16:55 UTC 2021
According to [RFC 4880 §5.2.3]:
> There are two fields consisting of Signature subpackets. The first
> field is hashed with the rest of the signature data, while the second
> is unhashed. The second set of subpackets is not cryptographically
> protected by the signature and should include only advisory
> information.
In practice, there are two types of unhashed subpackets that I have seen in the wild:
1. Key ID subpackets. These are checked against the public key during signature verification.
2. Embedded signature subpackets. I have only seen these in subkey binding signatures.
Therefore, RPM can safely reject signatures that have any unhashed subpackets other than the key ID. In the future, RPM may rely on information in subpackets for security, so it is safer to start rejecting bogus unhashed subpackets now.
[RFC 4880 §5.2.3]: https://datatracker.ietf.org/doc/html/rfc4880.html#section-5.2.3
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1741
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210701/00b10dcd/attachment.html>
More information about the Rpm-maint
mailing list