[solved] Re: gpg 2.0.11 reports invalid packets on keys from gpg 1.4.9 and keyservers

Werner Koch wk at gnupg.org
Tue May 26 10:29:21 CEST 2009


Hi!

An older libgcrypt actually showed the problem:

  an mpi of size 0 is not allowed
  an mpi of size 0 is not allowed
  gpg: read_block: read error: Invalid packet

thus finding the bug was easy after John sent me the full bad key.  The
bug is due to an inconsistency between Libgcrypt and and GnuPG-1.4.
That problem must have been there for many years and will be fixed in
Libgcrypt 1.5.0.  For the time being I implemented a workaround in
GnuPG.  It is already commited SVN to trunk; find a patch below.


Shalom-Salam,

   Werner


--- g10/parse-packet.c      (revision 5015)
+++ g10/parse-packet.c      (working copy)
@@ -139,9 +139,19 @@
       p[i+2] = iobuf_get(inp) & 0xff;
       nread++;
     }
-  if ( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, nread, &nread ) )
-    a = NULL;
-    
+
+  if (nread >= 2 && !(buf[0] << 8 | buf[1]))
+    {
+      /* Libgcrypt < 1.5.0 accidently rejects zero-length (i.e. zero)
+         MPIs.  We fix this here.  */
+      a = gcry_mpi_new (0);
+    }
+  else
+    {
+      if ( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, nread, &nread ) )
+        a = NULL;
+    }
+
  leave:
   gcry_free(buf);
   if ( nread > *ret_nread )


-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




More information about the Gnupg-devel mailing list