[Rpm-maint] [rpm-software-management/rpm] Ignore most unhashed subpackets in OpenPGP signatures (Issue #1886)

Demi Marie Obenour notifications at github.com
Mon Jan 17 13:25:43 UTC 2022


> > Therefore, it is only safe to process subpackets that restrict the validity of the signature.
> 
> Not quite. It is only safe to process subpackets that are self-authenticating. For example, the issuer subpacket is self-authenticating: It is used as a hint as to which key made the signature. If that key is found, the signature can be verified with it. If successful, this authenticates the issuer subpacket.

Agreed.  I would go further and reject a signature that has a subpacket which cannot validly be in the unhashed section.

> > I recommend going further and ignoring everything except for primary key binding signatures, key ID subpackets, and fingerprint subpackets.
> 
> I'm assuming you mean embedded signature, issuer, and issuer fingerprint subpackets. That list looks good, yes.

Is there ever a reason to have an embedded signature in a type 0 or type 1 signature?  The only use-case I can think of is timestamping.  At the very least, an embedded signature must not also have an embedded signature to avoid recursion.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1886#issuecomment-1014536705

Message ID: <rpm-software-management/rpm/issues/1886/1014536705 at github.com>
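As an added illustration of the policy discussed above (not code from rpm or from the comment's author), here is a Python sketch that walks the unhashed subpacket area of a signature, keeps only the issuer, issuer fingerprint and embedded signature subpackets, optionally rejects the signature outright on anything else, and refuses an embedded signature that itself carries an embedded signature. The sample subpacket bytes are constructed, and the embedded signature is assumed to use the v4 layout.

```python
# Subpacket types named in the thread (RFC 4880 5.2.3.1). Only these are
# authenticated by the signature itself, so only these may be read unhashed.
ISSUER, EMBEDDED_SIGNATURE, ISSUER_FINGERPRINT = 16, 32, 33
SELF_AUTHENTICATING = {ISSUER, EMBEDDED_SIGNATURE, ISSUER_FINGERPRINT}

class BadSignature(ValueError): pass

def parse_subpackets(area: bytes):
    """Split a subpacket area into (type, body); the length covers the type octet."""
    out, pos = [], 0
    while pos < len(area):
        first = area[pos]; pos += 1
        if first < 192:
            length = first
        elif first < 255:
            length = ((first - 192) << 8) + area[pos] + 192; pos += 1
        else:
            length = int.from_bytes(area[pos:pos + 4], "big"); pos += 4
        if length == 0 or pos + length > len(area):
            raise BadSignature("truncated subpacket")
        out.append((area[pos] & 0x7F, area[pos + 1:pos + length]))  # 0x80 = critical bit
        pos += length
    return out

def embedded_sig_subpackets(body: bytes):
    """Hashed + unhashed subpackets of an embedded signature (v4 layout assumed)."""
    if len(body) < 8 or body[0] != 4:
        raise BadSignature("embedded signature is not v4")
    hashed_end = 6 + int.from_bytes(body[4:6], "big")
    unhashed_end = hashed_end + 2 + int.from_bytes(body[hashed_end:hashed_end + 2], "big")
    if unhashed_end > len(body):
        raise BadSignature("truncated embedded signature")
    return parse_subpackets(body[6:hashed_end]) + parse_subpackets(body[hashed_end + 2:unhashed_end])

def filter_unhashed(area: bytes, strict: bool = False):
    # Keep self-authenticating subpackets; strict=True rejects on anything else, nesting always rejected.
    kept = []
    for sp_type, body in parse_subpackets(area):
        if sp_type not in SELF_AUTHENTICATING:
            if strict:
                raise BadSignature(f"type {sp_type} may not appear unhashed")
            continue
        if sp_type == EMBEDDED_SIGNATURE and any(
                t == EMBEDDED_SIGNATURE for t, _ in embedded_sig_subpackets(body)):
            raise BadSignature("embedded signature nests another embedded signature")
        kept.append((sp_type, body))
    return kept

# Constructed sample area: issuer key ID, a spoofed key-expiration (type 9), issuer fingerprint.
SAMPLE_UNHASHED = bytes([9, ISSUER]) + b"\x01" * 8 + bytes([5, 9]) + b"\x00" * 4 + bytes([22, ISSUER_FINGERPRINT]) + b"\x04" + b"\xaa" * 20
```

In the default mode the spoofed expiration subpacket is silently dropped; with strict=True the whole signature is rejected, which is the stricter behaviour argued for in the comment.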