[PATCH gnupg] g10/import.c: ignore too large signature packets

Werner Koch wk at gnupg.org
Fri Apr 22 20:40:30 CEST 2022


On Fri, 15 Apr 2022 18:47, Robert Bartel said:

> A better behavior, instead of failing the public key import, would be to
> just ignore too large signature packets. This can be achieved with the

Right.  However, this fixes just one case and has the side-effect that
it can be used to strip for example an revocation signatures.  This
might be possible by uploading a signature with extra data the unhashed
area.  Depends on the keyserver.

> I hope it does not introduce new problems in the code, like missing self
> signatures when they are too large (will the import fail or lead to an

Exactly.  Broken keys are broken and should better not be used.

> Please consider applying the patch upstream or making equivalent changes
> to the code, to get GnuPG more DoS resistant in the future.

I am not sure whether this makes a lot of sense given that this is just
one way to trigger a limit in GnuPG.  The limits have actually been
implemented to limit the effect of broken keys.


Salam-Shalom,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20220422/fa2787c7/attachment.sig>


More information about the Gnupg-devel mailing list