gpg --import segfaults on a specific key
Werner Koch
wk at gnupg.org
Wed Apr 16 14:57:35 CEST 2014
On Wed, 16 Apr 2014 12:53, hanno at hboeck.de said:
> I already posted this to the gcrypt-devel list, but seems there isn't
> much activity and I don't know if this is a bug in libgcrypt or gnupg,
Sorry for delaying this. I just looked at it and found a fix. See below.
> I can reproduce it on another system with libgcrypt 1.5.3. Both are
I have not yet analyzed why it also crashes with libgcrypt 1.5.3. 1.5.3
still knows about RSA_S (3). Anyway the patch to GnupG 2.0 fixes it.
GnuPG master is not affected due to an explict OpenPGP/Libgcrypt
algorithm mapping table.
Salam-Shalom,
Werner
====
>From efecbb7a3f0c32ea40db3a050c89f288550b05c2 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk at gnupg.org>
Date: Tue, 15 Apr 2014 16:40:48 +0200
Subject: [PATCH] gpg: Fix use of deprecated RSA_E and RSA_E with newer
libgcrypts.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* g10/misc.c (pubkey_get_npkey): Map RSA_E and RSA_S to RSA.
(pubkey_get_nskey): Ditto.
(pubkey_get_nsig): Ditto.
(pubkey_get_nenc): Ditto.
(pubkey_nbits): Take care of RSA_E and RSA_S.
--
The problem was that parse_key did not know about RSA_S and thus used
an opaque MPI which later crashed Libgcrypt. It is possible to fix
that also in Libgcrypt but we better do it here as well.
A test key using RSA_S is 0x98EEB6F7D87171CF.
Reported-by: Hanno Böck
---
g10/misc.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/g10/misc.c b/g10/misc.c
index 9b7c8ab..82a13aa 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1359,6 +1359,9 @@ pubkey_get_npkey( int algo )
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
+ else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S)
+ algo = GCRY_PK_RSA;
+
if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo),
GCRYCTL_GET_ALGO_NPKEY, NULL, &n))
n = 0;
@@ -1379,6 +1382,9 @@ pubkey_get_nskey( int algo )
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
+ else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S)
+ algo = GCRY_PK_RSA;
+
if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo),
GCRYCTL_GET_ALGO_NSKEY, NULL, &n ))
n = 0;
@@ -1399,6 +1405,9 @@ pubkey_get_nsig( int algo )
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
+ else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S)
+ algo = GCRY_PK_RSA;
+
if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo),
GCRYCTL_GET_ALGO_NSIGN, NULL, &n))
n = 0;
@@ -1419,6 +1428,9 @@ pubkey_get_nenc( int algo )
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
+ else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S)
+ algo = GCRY_PK_RSA;
+
if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo),
GCRYCTL_GET_ALGO_NENCR, NULL, &n ))
n = 0;
@@ -1443,7 +1455,9 @@ pubkey_nbits( int algo, gcry_mpi_t *key )
"(public-key(elg(p%m)(g%m)(y%m)))",
key[0], key[1], key[2] );
}
- else if( algo == GCRY_PK_RSA ) {
+ else if (algo == GCRY_PK_RSA
+ || algo == GCRY_PK_RSA_S
+ || algo == GCRY_PK_RSA_E ) {
rc = gcry_sexp_build ( &sexp, NULL,
"(public-key(rsa(n%m)(e%m)))",
key[0], key[1] );
--
1.8.4.3
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list