pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/43245: security/netpgp fails to verify a detached/armored signature with .asc extension



>Number:         43245
>Category:       pkg
>Synopsis:       security/netpgp fails to verify a detached/armored signature 
>with .asc extension
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue May 04 00:25:00 +0000 2010
>Originator:     Juan RP
>Release:        NULL
>Organization:
>Environment:
>Description:
libnetpgp from security/netpgp version 20100313 fails to verify a file with 
signature that has been created "armored and detached" with files that have any 
other extension that ".sig". Usually armored files have the '.asc' extension.

The following test program illustrates this:

[juan@nocturno ~]$ ls -l splash.rle*
-r--r--r-- 1 juan juan 14517 dic 20 15:35 splash.rle
-rw-r--r-- 1 juan juan   836 may  4 02:01 splash.rle.sig
[juan@nocturno ~]$

juan@nocturno ~]$ cat splash.rle.sig 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAABAgAGBQJL32PxAAoJEH9nDVLml/uIrtwQAMdQ8aZUNyDChSc+E0YLDHeV
sRlpvZ4GXiNGlkhtVd7LqvUTNanNRooKjMrVwbxTU7e8Nd4zjri7sIAeoDB2dKiM
bbXzF0cL/K4pKv4jXzGUuKiUY2w8rzoBYzpCMncg/O7nXtIBI8vBRQzTz1h0eEcW
xRIcwddixmIPn28YzJe+o+z6OMiFO5UgDwH9/ir1gxxN/tSQI6VyefiwYP3S1hVh
YZhtfv3SDZlUJmhjl9VXl1WDHCJRCW26Ktx3PC+1Va5iPKc/hJTOCRPivfwuVgW7
bRU5la1JP6aqbhX+NdCxPHnG1vbWYQrT47J/y7jPlJwzfaVIXZTdQqFY//9d0i73
wkb1TwNfvF/r4+I8lgHuGPucCd/a71W9Ly6BaSv/G0qA9KDgDon7Zj2SX9FsoUQi
PaiBlq6clg/W1M6Hd2adKVyS9m2hch5Sz+SZAG83FMIK9ERlBh+Bxi/C6NukJ7pE
UhAEWhLD7/V4OaN2373AQXBOzlJzhYR/9uvq42Yf96Q1Y0L+tpp/cTH/GVJ4hC/0
xTcvNIXv8NbDP9X0gbL9ptjxQqJXDx37cCrNw1X1w1Mf2r242Q9IiKyhl+01iaih
WDVNH37A1mAZRiqZA4XfhpqUIMuUH8j3cEIhWpIw6U1pnYDGq7dc+WIpxxZguvsc
om1ZIAbQv/s0lQdjnGiP
=yG+A
-----END PGP SIGNATURE-----
[juan@nocturno ~]$

[juan@nocturno ~]$ ./a.out ./splash.rle.sig 
netpgp: assuming signed data in "./splash.rle"
Good signature for ./splash.rle.sig made Tue May  4 02:01:53 2010
using RSA (Encrypt or Sign) key 7f670d52e697fb88
pub 4096/RSA (Encrypt or Sign) 7f670d52e697fb88 2010-05-03 [EXPIRES 2011-05-03]
Key fingerprint: f1a0 67f4 18d8 320a 4813 b78b 7f67 0d52 e697 fb88 
uid              Juan Romero Pardines <xtraeme%gmail.com@localhost>
sub 4096/RSA (Encrypt or Sign) 7f670d52e697fb88 2010-05-03 [EXPIRES 2011-05-03]
[juan@nocturno ~]$

Now when we move this signature file to '.asc' it returns:

[juan@nocturno ~]$ ./a.out ./splash.rle.asc 
"./splash.rle.asc": verification failure: 1 invalid signatures, 0 unknown 
signatures
netpgp_verify_file: Bad file descriptor
[juan@nocturno ~]$

a.out source code:

include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netpgp.h>

int main(int argc, char **argv)
{
        netpgp_t npgp;

        memset(&npgp, 0, sizeof(npgp));
        netpgp_setvar(&npgp, "homedir", "/home/juan/.gnupg");

        if (!netpgp_init(&npgp))
                perror("netgpg_init");

        if (!netpgp_verify_file(&npgp, argv[1], NULL, 1))
                perror("netpgp_verify_file");

        netpgp_end(&npgp);
        exit(0);
}

The appended patch makes both cases work. Another way would be to simply skip 
the file extension test and check it all the time, not sure.
>How-To-Repeat:

>Fix:
--- src/lib/validate.c.orig     2010-05-04 02:07:27.512355384 +0200
+++ src/lib/validate.c  2010-05-04 02:08:47.038371812 +0200
@@ -814,7 +814,8 @@ __ops_validate_file(__ops_io_t *io,
        sigsize = st.st_size;
        detachname = NULL;
        cc = snprintf(origfile, sizeof(origfile), "%s", infile);
-       if (strcmp(&origfile[cc - 4], ".sig") == 0) {
+       if ((strcmp(&origfile[cc - 4], ".sig") == 0) ||
+           (strcmp(&origfile[cc - 4], ".asc") == 0)) {
                origfile[cc - 4] = 0x0;
                if (stat(origfile, &st) == 0 &&
                    st.st_size > sigsize - SIG_OVERHEAD) {



Home | Main Index | Thread Index | Old Index