singpolyma / openpgp-php

OpenPGP.php is a pure-PHP implementation of the OpenPGP Message Format (RFC 4880).
http://singpolyma.github.io/openpgp-php/
The Unlicense

Fix checking when no bytes are available for reading #96

Closed ottoszika closed 3 years ago

ottoszika commented 4 years ago

Hello,

I found an issue in the OpenPGP_Packet::read_byte method. This can lead to an invalid issuer key in signatures.

Unfortunately, if the issuer key contains 0x30, it's replaced by 0x00. For example:

| Correct Key ID | Result |
| --- | --- |
| C25059FA8730BC38 | C25059FA8700BC38 |
| 6B799484725130FE | 6B799484725100FE |

This behaviour is because the 0x30 is (string) "0", which is evaluated as false in PHP when no strict checking is performed in the read_byte method.

Keys are not affected by this bug.

My solution is to check if the byte obtained is NULL or not.

I added some concrete test cases and some extras to be sure it doesn't break anything. Here are the test files I used:

| File | Key ID | Type | Affected |
| --- | --- | --- | --- |
| 000079-002.sig | C25059FA8730BC38 | S | 🔴 |
| 000080-006.public_key | 3047D4A7B15467AB | K | ⚪ |
| 000081-002.sig | 6B799484725130FE | S | 🔴 |
| 000082-006.public_key | BD7BA7BC5547FD09 | K | ⚪ |
| 000083-002.sig | BD7BA7BC5547FD09 | S | ⚪ |

Regards, Otto
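The behaviour described in this pull request, reproduced as an added example; it is not code from the pull request or from OpenPGP.php. `ByteReader`, `readByteLoose`, `readByteStrict` and `keyIdHex` are hypothetical names, and rendering a missing byte as `00` is an assumption about how the caller formats the key ID.

```php
<?php
declare(strict_types=1);

// Hypothetical minimal reader written for this example (not the library's class).
final class ByteReader
{
    private string $input;

    public function __construct(string $input) { $this->input = $input; }

    private function readBytes(int $count = 1): string
    {
        $bytes = (string) substr($this->input, 0, $count);
        $this->input = (string) substr($this->input, $count);
        return $bytes;
    }

    // Loose truthiness: the one-byte string "0" (0x30) is falsy in PHP,
    // so a real byte is reported as "nothing left to read".
    public function readByteLoose(): ?string
    {
        return ($bytes = $this->readBytes()) ? $bytes[0] : null;
    }

    // Strict comparison: only an empty read means end of input.
    public function readByteStrict(): ?string
    {
        $bytes = $this->readBytes();
        return $bytes === '' ? null : $bytes[0];
    }
}

// Format an 8-byte issuer key ID as hex, using either reader variant.
function keyIdHex(string $raw, bool $strict): string
{
    $reader = new ByteReader($raw);
    $hex = '';
    for ($i = 0; $i < 8; $i++) {
        $b = $strict ? $reader->readByteStrict() : $reader->readByteLoose();
        // Assumption: a missing byte is rendered as 00, which is how 0x30 turns into 0x00.
        $hex .= sprintf('%02X', $b === null ? 0 : ord($b));
    }
    return $hex;
}

// Key IDs taken from the tables in this pull request; the last one contains no 0x30 byte.
foreach (['C25059FA8730BC38', '6B799484725130FE', 'BD7BA7BC5547FD09'] as $id) {
    $raw = hex2bin($id);
    printf("%s  loose=%s  strict=%s\n", $id, keyIdHex($raw, false), keyIdHex($raw, true));
}
```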

singpolyma commented 3 years ago

Merged as 871d38da8b1859db364056d451deec921c59b22e