Open bwbroersma opened 1 year ago
With the new release a pgp formatter checker is added using the PGPy module which checks the OpenPGP message specification in accordance with RFC 4880.
Any issue with the PGP message or signature would result in a pgp_data_error
. If the message is not a valid pgp message it would result in a pgp_error
.
It is not clear to us (@mxsasha, @bwbroersma and me) what the exact difference is between pgp_data_error
and pgp_error
. Moreover, it is not clear to us how these new error messages relate to signed_format_issue
. Could you elaborate?
We made 2 pgp error distinctions. These were made because the PGPy library also seems to make these distinction.
The first and most common will be the pgp_data_error
. This means that there is an issue with the message formatting. So, for instance, missing information like the end message or other required fields or unexpected fields within the message.
The second error, pgp_error
, occurs when there was an issue with the encoded data within the pgp message. So if there was an issue with decoding the data within the pgp armored block.
Thanks for the explanation! Still some additional questions:
pgp_data_error
or a pgp_error
? signed_format_issue
(partly) overlapping with pgp_data_error
? If it is regarding a pgp signed message it will enforce the addition of a valid pgp signature. If it is not present it will throw a pgp_data_error
. This includes a pgp signature that is not correctly formatted, so for instance no CRLF (or too many) after the armor header or no armor-tail will also throw a pgp_data_error
. It will also validate the base64 data. If this is not valid it will give a pgp_error
because it could not decode the pgp message.
There is currently no enforcment of the hash-header or the CRLF after the hash header. This is not listed as required in the RFC 4880 which describes the OpenPGP Message Format, but since seems to be a requirement listed in chapter 4 of rfc9116 we will add a check for this with a newer version.
the signed_format_issue
error only checks if the header is at the start of the security.txt. If this is not the case it will not throw a pgp_data_error
Singed message is not enforcing signature, e.g.:
This currently parses as valid with zero errors.
The issues for signed messages I can see:
1*
, so should be one or more)-----BEGIN PGP SIGNATURE-----
) not enforced-----END PGP SIGNATURE-----
) not explicitly enforced (only needed when armor-header is present, when armor-tail is missing, the error will beno_line_separators
, because the last line is{'type': 'pgp_envelope'}
, even when empty)The current code quite literally is this xkcd PGP :upside_down_face::