blob: b6189f9d7e36d5ac2787eae24f41299d4ade7ba8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
From 7f830132fe717d4b31c035bb3d08379451e3cd81 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Thu, 14 Apr 2022 15:38:11 -0400
Subject: [PATCH] Fix OpenPGP key ID parsing regression
This fixes a regression in 598a771d8b4f4f480d4990ccf59b978d537201dd,
which caused RPM to parse key flags from a hashed key ID subpacket. As
a result, RPM would wrongly reject a signature that had both key ID and
key usage flags subpackets in the hashed section.
---
rpmio/rpmpgp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index 93c1be2..ea3905b 100644
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -323,6 +323,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype,
_digp->saved |= PGPDIG_SAVED_ID;
memcpy(_digp->signid, p+1, sizeof(_digp->signid));
}
+ break;
case PGPSUBTYPE_KEY_FLAGS: /* Key usage flags */
/* Subpackets in the unhashed section cannot be trusted */
if (!hashed)
--
1.8.3.1
|
