From 00e37c36f214bf9d2e9794d3089e64522a6275a2 Mon Sep 17 00:00:00 2001
From: Jonathan McDowell
Date: Fri, 17 Jan 2020 19:28:18 +0000
Subject: [PATCH] Cope with colliding 64 bit keyids when verifying signatures
Signature keys can be indicated by 64 bit keyid rather than full fingerprint; there are very few of this collisions but they do exist and we should handle them gracefully rather than incorrectly dropping a signature.
---
 cleankey.c | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/cleankey.c b/cleankey.c
index 51274fe..3a74098 100644
--- a/cleankey.c
+++ b/cleankey.c
@@ -141,7 +141,7 @@ int clean_sighashes(struct onak_dbctx *dbctx,
 bool *selfsig, bool *othersig)
 {
 struct openpgp_packet_list *tmpsig;
- struct openpgp_publickey *sigkey = NULL;
+ struct openpgp_publickey *sigkeys = NULL, *curkey;
 onak_status_t ret;
 uint8_t hashtype;
 uint8_t hash[64];
@@ -198,10 +198,20 @@ int clean_sighashes(struct onak_dbctx *dbctx,
 }
 }
- if (remove && dbctx->fetch_key_id(dbctx, sigid,
- &sigkey, false)) {
+ if (remove) {
+ dbctx->fetch_key_id(dbctx, sigid,
+ &sigkeys, false);
+ }
+
+ /*
+ * A 64 bit collision is probably a sign of something
+ * sneaky happening, but if the signature verifies we
+ * should keep it.
+ */
+ for (curkey = sigkeys; curkey != NULL;
+ curkey = curkey->next) {
- ret = onak_check_hash_sig(sigkey,
+ ret = onak_check_hash_sig(curkey,
 (*sigs)->packet,
 hash,
 hashtype);
@@ -211,11 +221,12 @@ int clean_sighashes(struct onak_dbctx *dbctx,
 if (othersig != NULL) {
 *othersig = true;
 }
+ break;
 }
-
- free_publickey(sigkey);
- sigkey = NULL;
 }
+
+ free_publickey(sigkeys);
+ sigkeys = NULL;
 }
 #endif
--
2.39.5
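Review bot: The return value of `dbctx->fetch_key_id()` that the old condition tested is now discarded in the second hunk, and `free_publickey(sigkeys)` in the third hunk runs even when `remove` is false or the fetch failed, so correctness now rests on the backend leaving `sigkeys` NULL on failure and on `free_publickey()` accepting NULL; neither is visible here, so confirm both or keep the original guard, `if (remove && dbctx->fetch_key_id(dbctx, sigid, &sigkeys, false)) {`, around the loop and the free. The new comment already treats a 64 bit keyid collision as suspicious, so it is worth recording it when more than one key comes back, e.g. `if (sigkeys != NULL && sigkeys->next != NULL) { /* log the colliding keyid sigid with the file's existing logging helper */ }`, so an operator can audit which signatures were kept on the strength of a second candidate key. The success branch that the new `break` leaves, and the remainder of the loop body, lie between the hunks and outside what is shown.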