[PATCH gnupg] g10/import.c: ignore too large signature packets

Robert Bartel r.bartel at gmx.net
Fri Apr 15 18:47:27 CEST 2022


Hello list,

I recently noticed a denial of service against the German eID
certification public key from Governikus (https://pgp.governikus.de) on
the keyserver hkps://keyserver.ubuntu.com: Trying to import it from the
keyserver with GnuPG 2.3.4 fails due to a too large signature packet,
which can be reproduced with:

gpg -vv --recv-keys 0x5E5CCCB4A4BF43D7

At the end of the output of this command you can see a signature packet
with a misused policy url field carrying a so-called improvement
suggestion in German. This packet is followed by another one which
includes hashed data exceeding the arbitrary size limit of 10000 bytes
from g10/parse-packet.c line 2140, leading to the import error of:

gpg: signature packet: hashed data too long
gpg: read_block: read error: Invalid packet
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

A better behavior, instead of failing the public key import, would be to
just ignore too large signature packets. This can be achieved with the
attached trivial patch of g10/import.c. It allows the import to succeed
with the "signature packet: hashed data too long" warning.

I hope it does not introduce new problems in the code, like missing self
signatures when they are too large (will the import fail or lead to an
invalid imported public key?).

Maybe someone with more insight into the matter can also think of other
possible DoS scenarios, like other maliciously large packet types or
similar, which should additionally be handled at this point of the
code.

Please consider applying the patch upstream or making equivalent changes
to the code, to make GnuPG more DoS-resistant in the future.

Thank you,
Robert
-------------- next part --------------
diff -urd gnupg-2.3.4/g10/import.c gnupg-2.3.4-patched/g10/import.c
--- gnupg-2.3.4/g10/import.c	2021-11-12 16:13:51.000000000 +0100
+++ gnupg-2.3.4-patched/g10/import.c	2022-04-15 18:07:02.632703389 +0200
@@ -995,8 +995,9 @@
             }
           else if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
                    && (pkt->pkttype == PKT_OLD_COMMENT
-                       || pkt->pkttype == PKT_COMMENT))
-            ; /* Ignore too large comment packets.  */
+                       || pkt->pkttype == PKT_COMMENT
+                       || pkt->pkttype == PKT_SIGNATURE))
+            ; /* Ignore too large comment and signature packets. */
           else
             {
               log_error("read_block: read error: %s\n", gpg_strerror (rc) );
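Review bot: the new `|| pkt->pkttype == PKT_SIGNATURE` arm swallows every GPG_ERR_INV_PACKET raised for a signature packet, not only the "hashed data too long" case, so any malformed signature (bad version, truncated subpacket area, etc.) is now dropped from the block where it was previously a hard read error; the comment `/* Ignore too large comment and signature packets. */` also claims a narrower behaviour than the code has. Either narrow the condition to the oversized case (the parser already distinguishes it when it logs "hashed data too long") or rename the comment to say that any invalid signature packet is skipped, and have this branch at least `log_info` that a signature was dropped so the user can tell a skipped self-signature from a key that never had one. The question raised in the cover mail about a dropped self-signature leaving a user ID or subkey unbound is not answered by the diff: whatever the import code does with an unbound user ID will now happen silently, so that path needs a test alongside this change.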
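The failure the mail describes comes from the packet reader aborting the whole key block as soon as one signature packet's hashed-subpacket area exceeds the 10000-byte cap, and the patch changes read_block so that such a packet is skipped instead. The following added example (my own code, not GnuPG's and not part of the original mail) reproduces that difference with a minimal OpenPGP packet walker: it parses new-format and old-format packet headers per RFC 4880, reads the hashed-data count from each v4 signature body, and either aborts the import (the pre-patch behaviour) or skips the oversized packet and carries on (the patched behaviour). The key block it walks is constructed inline with toy MPIs and an `example.invalid` policy URL; it is not a real key and the subpacket contents are placeholders. The 10000-byte limit is the value quoted in the report.

```python
"""Walk an OpenPGP key block and skip, rather than abort on, oversized signature packets."""
import struct

HASHED_DATA_LIMIT = 10000  # per-signature cap on hashed subpacket data, as quoted in the report
PKT_SIGNATURE, PKT_PUBLIC_KEY, PKT_USER_ID = 2, 6, 13


class InvalidPacket(ValueError):
    """Stand-in for GPG_ERR_INV_PACKET."""


def _read_new_length(buf, i):
    """Decode a new-format body length (RFC 4880 4.2.2); partial lengths are out of scope."""
    b1 = buf[i]
    if b1 < 192:
        return b1, i + 1
    if b1 < 224:
        return ((b1 - 192) << 8) + buf[i + 1] + 192, i + 2
    if b1 == 255:
        return struct.unpack(">I", buf[i + 1:i + 5])[0], i + 5
    raise InvalidPacket("partial body lengths not supported")


def iter_packets(buf):
    """Yield (tag, body) for every packet in buf, handling both header formats."""
    i = 0
    while i < len(buf):
        ctb = buf[i]
        if not ctb & 0x80:
            raise InvalidPacket("bad CTB at offset %d" % i)
        if ctb & 0x40:                      # new-format header
            tag = ctb & 0x3F
            length, i = _read_new_length(buf, i + 1)
        else:                               # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise InvalidPacket("indeterminate length not supported")
            nbytes = 1 << ltype
            length = int.from_bytes(buf[i + 1:i + 1 + nbytes], "big")
            i += 1 + nbytes
        body = buf[i:i + length]
        if len(body) != length:
            raise InvalidPacket("truncated packet")
        yield tag, body
        i += length


def hashed_data_length(body):
    """Return the hashed-subpacket byte count of a v4 signature body (RFC 4880 5.2.3)."""
    if len(body) < 6 or body[0] != 4:
        raise InvalidPacket("only v4 signatures handled")
    return struct.unpack(">H", body[4:6])[0]


def import_key(buf, skip_oversized=True, limit=HASHED_DATA_LIMIT):
    """Mirror read_block: return (kept packet tags, hashed sizes of skipped signatures).

    skip_oversized=False reproduces the pre-patch abort; True reproduces the patched skip.
    """
    kept, skipped = [], []
    for tag, body in iter_packets(buf):
        if tag == PKT_SIGNATURE and hashed_data_length(body) > limit:
            if not skip_oversized:
                raise InvalidPacket("signature packet: hashed data too long")
            skipped.append(hashed_data_length(body))
            continue
        kept.append(tag)
    return kept, skipped


def strict_import_fails(buf):
    """True if the pre-patch behaviour would reject the whole block."""
    try:
        import_key(buf, skip_oversized=False)
        return False
    except InvalidPacket:
        return True


# --- constructed sample key block (toy values, not a real key) -------------------------
def packet(tag, body):
    """Encode a new-format packet with 1-, 2- or 5-octet length."""
    n = len(body)
    if n < 192:
        hdr = bytes([0xC0 | tag, n])
    elif n < 8384:
        hdr = bytes([0xC0 | tag, ((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        hdr = bytes([0xC0 | tag, 255]) + struct.pack(">I", n)
    return hdr + body


def subpacket(sptype, data):
    """Encode one signature subpacket (length covers type octet plus data)."""
    n = len(data) + 1
    if n < 192:
        ln = bytes([n])
    elif n < 16320:
        ln = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        ln = b"\xff" + struct.pack(">I", n)
    return ln + bytes([sptype]) + data


def sig_body(hashed):
    """v4 signature: version, type 0x13, RSA, SHA-256, hashed area, empty unhashed, hash16, MPI."""
    return (bytes([4, 0x13, 1, 8]) + struct.pack(">H", len(hashed)) + hashed
            + b"\x00\x00" + b"\x00\x00" + b"\x00\x01\x01")


def build_sample():
    pubkey = bytes([4]) + b"\x62\x59\x3d\x80" + bytes([1]) + b"\x00\x01\x03" + b"\x00\x02\x03"
    ok_hashed = subpacket(2, b"\x62\x59\x3d\x80") + subpacket(26, b"https://example.invalid/policy")
    big_hashed = subpacket(26, b"x" * 10050)      # 10053 bytes of hashed data, over the cap
    return (packet(PKT_PUBLIC_KEY, pubkey) + packet(PKT_USER_ID, b"Constructed <c@example.invalid>")
            + packet(PKT_SIGNATURE, sig_body(ok_hashed)) + packet(PKT_SIGNATURE, sig_body(big_hashed))
            + packet(PKT_SIGNATURE, sig_body(ok_hashed)))


if __name__ == "__main__":
    blob = build_sample()
    print("strict import fails:", strict_import_fails(blob))
    print("lenient import:", import_key(blob))
```

With the oversized packet skipped the import keeps the key, the user ID and the two well-formed signatures. What the example does not do, and what a real importer has to do next, is re-check that every user ID and subkey still carries a valid binding self-signature after the skip; a dropped self-signature is exactly the open question in the cover mail.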