Regular Expression Support
Werner Koch
wk at gnupg.org
Thu Feb 20 13:06:19 CET 2020
On Wed, 19 Feb 2020 16:32, Daniel Kahn Gillmor said:
> There has been a series of problems with the GnuPG implementation of
> regexps even on those platforms where some portion of regex is
> implemented, iirc.
Indeed we have had some problems with that due to our use of non-rfc4880
compliant regex libraries and different assumptions on which regexp are
to be used. OpenPGP states:
The regular expression uses the same syntax as the Henry Spencer's
"almost public domain" regular expression [REGEX] package. A
description of the syntax is found in Section 8 below.
I doubt that anyone fully checked Henry Spencer's code against the
description in section 8 or even against one of the larger regexp
implementations. GnuPG stepped things mostly aside by not allowing to
enter arbitrary regexps.
Aside of OpenPGP GnuPG has the small helper gpg-check-pattern to reject
common patterns as password. There we define regexp as
/* The pattern is an extended regular expression. */
but I think that it would be okay to use the Spencer code here as well.
The sample file list just two examples
# German number plates.
/^[A-Z]{1,3}[ ]*-[ ]*[A-Z]{1,2}[ ]*[0-9]+/
# Dates (very limited, only ISO dates). */
/^[012][0-9][0-9][0-9]-[012][0-9]-[0123][0-9]$/
which is vanilla extend r.e.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20200220/b608a6a1/attachment.sig>
More information about the Gnupg-devel
mailing list